Senior Consultant, Virtual Chief Information Security Officer

Overview Who we are

Collaborative. Respectful. A place to dream and do. These are just a few words that describe what life is like at Toyota.

As one of the world’s most admired brands, Toyota is growing and leading the future of mobility through innovative, high-quality solutions designed to enhance lives and delight those we serve.

We’re looking for diverse, talented team members who want to Dream. Do. Grow. with us.

A variety of soft skills and experience may be required for the following role Please ensure you check the overview below carefully.

An important part of the Toyota family is Toyota Financial Services (TFS), the finance and insurance brand for Toyota and Lexus in North America.

While TFS is a separate business entity, it is an essential part of this world-changing company delivering on Toyota’s vision to move people beyond what’s possible.

At TFS, you will help create best-in-class customer experiences in an innovative, collaborative environment.

This position is based in Plano, TX with a hybrid mix of some in-office time and some remote work.

To save time applying, Toyota does not offer sponsorship of job applicants for employment-based visas or any other work authorization for this position at this time.

Who We’re Looking For

Toyota Financial Services (TFS) Technology team is looking for a highly motivated person to fill a role as a Senior Consultant, Virtual Chief Information Security Officer.

The primary responsibility of this role is an internal consultant acting as the senior-most security professional on assignment with one or more TFS Group companies delivering the overall Information Security program for the assigned TFS Group company(ies).

Working closely across the executive layer, the vCISO will lead direct interactions with the assigned TFS Group company’s Executive leadership teams (e.

g., Board of Directors, Management Committees, etc.) to communicate critical security issues, risks, and remediation plans in line with statutory requirements and regulations.

What you’ll be doing

• Directly integrate with and lead executive-level conversations ensuring collaborative security inclusion early and often in business initiatives.
• At the executive layer, collaborate with and influence business units across the organization and third-party vendors to provide guidance on security controls for managing risk for the assigned company(ies).
• Develop and influence multi-year security roadmaps and strategies with the assigned company(ies).
• Continually mature the Information Security program ahead of business needs to implement security services for the business proactively.
• Develop and present key security risk metrics and reports to executive leadership to drive awareness of and action outcomes for increasing security maturity.
• Promote awareness of security issues among management and ensure sound security principles are reflected in the organization's vision and goals.
• Acquire and manage the necessary resources, including leadership support, financial resources, and key security personnel, to support security goals and objectives to reduce organizational risk.
• Create and maintain an information security-conscience culture within each assigned company.
• Evaluate policy, standards, and implementation strategies to ensure procedures and guidelines comply with cybersecurity policies.
• Monitor and evaluate the effectiveness of the enterprise's cybersecurity technical safeguards to ensure they provide the intended level of protection.
• Identify security requirements for an information technology (IT) system in all system life cycle phases.
• Ensure that action plans and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.
• Oversee the development and integration of cybersecurity designs for systems and networks with multilevel security requirements and requirements for processing multiple data classification levels.
• Evaluate protective controls, such as Intrusion Prevention Systems, Web Application Firewalls, Endpoint Protection, Data Loss Prevention, Encryption Systems, Firewall Configurations, Vulnerability Management, etc.

to meet the organization's security standards.

What You Bring

• Concise, polished executive presence and communication skills (written and verbal).
• Exceptional leadership, project, and team-building skills, including the ability to lead teams and drive projects and initiatives in multiple departments.
• 10+ years’ experience in information security or similar field, at least 5 years of which as a senior security manager / consultant, vCISO, BISO, CISO, or equivalent role responsible for broad security program development and operations.
• Ability to translate a deep understanding of business needs into practical security solutions and identify risks associated with business processes, operations, information security programs, and technology projects.
• Detailed understanding of security strategies and industry-leading program design.
• Familiarity with common security technology solution types : e.g., firewall, router, VPN, IDS / IPS, SIEM, vulnerability scanners, Cloud Access Security Brokers, Data Loss prevention solutions, anti-virus, single sign-on, etc.
• Familiarity with common security processes such as : access control, user lifecycle management and access governance, vulnerability management, data protection, security governance, security operations, incident response, etc.
• Knowledge and experience in security frameworks including ISO 27001, NIST, and OWASP Top 20.
• Experience designing security in large public cloud technologies (AWS / Azure / GCP).

Added bonus if you have

• Spanish language proficiency.
• Experience conducting audits or reviews of technical systems utilizing computer protection components (e.g., hardware firewalls, servers, intrusion prevention, web application firewalls, anti-virus, as appropriate).
• Security profession certification such as CISSP, CCISO, CCSP, CCSK, ISSAP, etc.
• Experience with security / privacy impacting regulations / frameworks across US and international markets (e.g., FFIEC, CCPA, GDPR, LGPD) and their applicability to technologies and applications.

What We’ll Bring

During your interview process, our team can fill you in on all the details of our industry-leading benefits and career development opportunities.

A few highlights include :

• A work environment built on teamwork, flexibility, and respect.
• Professional growth and development programs to help advance your career, as well as tuition reimbursement.
• Team Member Vehicle Purchase Discount.
• Toyota Team Member Lease Vehicle Program (if applicable).
• Comprehensive health care and wellness plans for your entire family.
• Flextime and virtual work options (if applicable).
• Toyota 401(k) Savings Plan featuring a company match, as well as an annual retirement contribution from Toyota regardless of whether you contribute.
• Paid holidays and paid time off.
• Referral services related to prenatal services, adoption, childcare, schools, and more.
• Flexible spending accounts.
• Relocation assistance (if applicable).

Belonging at Toyota

Our success begins and ends with our people. We embrace diverse perspectives and value unique human experiences. Respect for all is our North Star.

Toyota is proud to have 10+ different Business Partnering Groups across 100 different North American chapter locations that support team members’ efforts to dream, do and grow without questioning that they belong.

As a company that has been one of DiversityInc’s Top 50 Companies for Diversity and a member of The Billion Dollar Roundtable supporting minority and woman-owned suppliers for over 10 years, we are proud to be an equal opportunity employer that celebrates the diversity of the communities where we live and do business.

Applicants for our positions are considered without regard to race, ethnicity, national origin, sex, sexual orientation, gender identity or expression, age, disability, religion, military or veteran status, or any other characteristics protected by law.

Have a question, need assistance with your application or do you require any special accommodations? Please send an email to [email protected].

J-18808-Ljbffr