API Security Lead

Overview

Who we are

Collaborative. Respectful. A place to dream and do. These are just a few words that describe what life is like at Toyota. As one of the world's most admired brands, Toyota is growing and leading the future of mobility through innovative, high-quality solutions designed to enhance lives and delight those we serve. We're looking for talented team members who want to Dream. Do. Grow. with us.

An important part of the Toyota family is Toyota Financial Services (TFS), the finance and insurance brand for Toyota and Lexus in North America. While TFS is a separate business entity, it is an essential part of this world-changing company- delivering on Toyota's vision to move people beyond what's possible. At TFS, you will help create best-in-class customer experience in an innovative, collaborative environment.

Excited to grow your career at Toyota?

We value our talented employees, and whenever possible strive to help one of our associates grow professionally before recruiting new talent to our open positions. If you think the open

position you see is right for you, we encourage you to apply!

Our people make all the difference in our success.

An important part of the Toyota family is Toyota Financial Services (TFS), the finance and insurance brand for Toyota and Lexus in North America. While TFS is a separate business entity, it is an essential part of this world-changing company - delivering on Toyota's vision to move people beyond what's possible. At TFS, you will help create best-in-class customer experiences in an innovative, collaborative environment.

Who We're Looking For

Toyota Financial Services (TFS) Technology team is looking for a highly motivated person to fill a role as a Senior API Security Engineer with deep experience securing API gateways and enterprise integration platforms to join the API & AI Security team.

The ideal candidate has strong API fundamentals, a working understanding of API gateways and integration platforms, and hands-on exposure to API security concepts, standards development, and tooling. This is a growth-oriented role with opportunities to influence architecture, standards, and developer enablement.

What you'll be doing

• Design and implement security controls for REST and event-driven API gateway layer across cloud and hybrid environments
• Partner with application, security, and platform teams to embed security into API design, development, and deployment
• Define, configure, and enforce API gateway policies for authentication, authorization, encryption, and traffic-management controls
• Support and secure API gateway and integration platforms, including policy configuration, logging, monitoring, and threat detection
• Assess APIs for security risks such as OWASP API Top 10, improper auth, and abuse patterns
• Monitor API traffic and collaborate with SOC and engineering teams on incident response and remediation
• Contribute to API security architecture reviews and technical design discussions
• Develop documentation, patterns, and guidance to enable secure API adoption across teams.

What You Bring

• At least 5 years of experience in Cyber Security, with a focus on API gateway engineering
• Exposure to API gateway security tools (runtime protection, discovery, or posture management)
• Experience in application, cloud, or security engineering roles
• Solid understanding of API fundamentals
• Excellent analytical and problem-solving skills with the ability to analyze complex issues and recommend effective solutions
• Familiarity with API gateways or integration platforms and policy-based security controls
• Experience with JSON, Open API/Swagger, and API documentation standards
• Strong verbal and written abilities to engage with technical and non-technical resources
• Highly organized and detail oriented
• Self-motivated personality who can work independently and in team settings with minimal direction or guidance

Added bonus if you have

• Understanding of network security concepts as applied to cloud and APIs
• Cyber Security relevant certifications including CISSP, CEH, CCSP, or similar
• Experience with developing and implementing Cyber Security policies and standards
• Risk Management experience in a regulated environment
• Knowledge of Cyber Security regulations and laws

What We'll Bring

During your interview process, our team can fill you in on all the details of our industry-leading benefits and career development opportunities. A few highlights include:

• A work environment built on teamwork, flexibility, and respect
• Professional growth and development programs to help advance your career, as well as tuition reimbursement
• Vehicle purchase & lease programs
• Comprehensive health care and wellness plans for your entire family
• Toyota 401(k) Savings Plan featuring a company match, as well as an annual retirement contribution from Toyota regardless of whether you contribute
• Paid holidays and paid time off
• Referral services related to prenatal services, adoption, childcare, schools and more.

Belonging at Toyota

Our success begins and ends with our people. We embrace all perspectives and value unique human experiences. Respect for all is our North Star. Toyota is proud to have 10+ different Business Partnering Groups across 100 different North American chapter locations that support team members' efforts to dream, do and grow without questioning that they belong.

Applicants for our positions are considered without regard to race, ethnicity, national origin, sex, sexual orientation, gender identity or expression, age, disability, religion, military or veteran status, or any other characteristics protected by law.

Have a question, need assistance with your application or do you require any special accommodations? Please send an email to .