About the position

Overview Who we are Collaborative. Respectful. A place to dream and do. These are just a few words that describe what life is like at Toyota. As one of the world’s most admired brands, Toyota is growing and leading the future of mobility through innovative, high-quality solutions designed to enhance lives and delight those we serve. We’re looking for talented team members who want to Dream. Do. Grow. with us. An important part of the Toyota family is Toyota Financial Services (TFS), the finance and insurance brand for Toyota and Lexus in North America. While TFS is a separate business entity, it is an essential part of this world-changing company- delivering on Toyota's vision to move people beyond what's possible. At TFS, you will help create best-in-class customer experience in an innovative, collaborative environment. To save time applying, Toyota does not offer sponsorship of job applicants for employment-based visas or any other work authorization for this position at this time. Who we’re looking for The Toyota Financial Services Information Security Department is looking for a passionate and highly motivated Cyber Threat Emulation Lead. Reporting to the National Manager of Threat Emulation & Investigations, this role will collaborate with other Red Team operators to simulate threat actor techniques. The primary focus is to evaluate and enhance cyber defenses through Red Team operations, penetration testing, and technical control assessments. Additionally, this role supports global shared security services and collaborates with TFS Group companies as needed. This role is an in-office position based at our Plano, TX headquarters. Candidates are expected to live within a commutable distance to Plano and work on-site Monday through Thursday, with hybrid work options available on Fridays.

Responsibilities

• Design and execute red team operations to test the quality of our cyber controls using threat actor techniques
• Create detailed reports capturing the results of operations and/or penetration tests with appropriate evidence and mitigation strategies
• Partner with key stakeholders, including technology owners and other security teams, to share results, provide insights, and improve the readiness of detection and response capabilities
• Effectively evaluate the risk of identified findings for remediation prioritization
• Leverage your technical skillset to provide assistance and guidance to security events as needed
• Stay current on global cyber trends/attacks for application to the Toyota environment
• Serve as a role model for continuous learning, cooperation, and knowledge sharing with teammates
• Building a trusting and safe environment where problems can be raised without fear of blame, retribution, or being judged, with an emphasis on problem-solving

Requirements

• A curious mindset and desire to learn
• At least seven (7) or more years of experience in one or more of the following domains: Red Team operations (Kali, Cobalt Strike, Outflank, Brute Ratel, Sliver, Nighthawk) Software development OffSec infrastructure management Penetration testing (network/web/mobile: Nessus, Qualys, Burp Suite) Reverse engineering Social Engineering Cloud, AI
• Suitable for executive engagement and the capability to influence and encourage prioritization of security initiatives
• Bachelor’s Degree from an accredited institution, or equivalent experience

Nice-to-haves

• Relevant security certification (CRTO, OSCP, OSWE, CISSP)
• Familiarity with security frameworks for attack (MITRE ATT&CK, Cyber Kill Chain), threat modeling (STRIDE, CVSS), and guidance (NIST, PCI).
• Understanding of regulatory issuances, such as CFPB, GLBA and SOX, and their applicability to technologies, applications and privacy laws (GDPR & CCPA) and other legal and compliance privacy and information security requirements.
• Advanced degree with a concentration in an IT related area.

Benefits

• A work environment built on teamwork, flexibility, and respect
• Professional growth and development programs to help advance your career, as well as tuition reimbursement
• Team Member Vehicle Purchase Discount
• Toyota Team Member Lease Vehicle Program (if applicable)
• Comprehensive health care and wellness plans for your entire family
• Flextime and virtual work options (if applicable)
• Toyota 401(k) Savings Plan featuring a company match, as well as an annual retirement contribution from Toyota regardless of whether you contribute
• Paid holidays and paid time off
• Referral services related to prenatal services, adoption, childcare, schools and more
• Flexible spending accounts
• Relocation assistance (if applicable)