Incident Response Lead

Overview

Who we are

Collaborative. Respectful. A place to dream and do. These are just a few words that describe what life is like at Toyota. As one of the world's most admired brands, Toyota is growing and leading the future of mobility through innovative, high-quality solutions designed to enhance lives and delight those we serve. We're looking for talented team members who want to Dream. Do. Grow. with us.

An important part of the Toyota family is Toyota Financial Services (TFS), the finance and insurance brand for Toyota and Lexus in North America. While TFS is a separate business entity, it is an essential part of this world-changing company- delivering on Toyota's vision to move people beyond what's possible. At TFS, you will help create best-in-class customer experience in an innovative, collaborative environment.

Post Incident Review (PIR) Lead

To save time applying, Toyota does not offer sponsorship of job applicants for employment-based visas or any other work authorization for this position at this time.

Excited to grow your career at Toyota?

We value our talented employees, and whenever possible strive to help one of our associates grow professionally before recruiting new talent to our open positions. If you think the open position, you see is right for you, we encourage you to apply!

Description
Toyota Financial Services (TFS) Technology team is seeking an experienced and proactive Post Incident Review Lead to oversee and drive the post-incident review process for cybersecurity events and incidents. This leadership role is responsible for managing the PIR team, ensuring thorough analysis of security incidents, driving continuous improvement in post incident review, and collaborating with senior stakeholders to strengthen Toyota's cybersecurity posture.

What You'll Be Doing

• Lead and manage the Post Incident Review team, providing guidance, mentorship, and performance management to senior and junior analysts
• Oversee all post-incident investigations to ensure comprehensive root cause analysis, impact assessment, and actionable remediation recommendations
• Collaborate closely with Security Operations, IT, Risk Management, Business Units, and executive leadership to communicate findings and drive resolution
• Develop and enhance post-incident review frameworks, methodologies, and tools to improve efficiency and effectiveness of incident analysis
• Facilitate lessons learned sessions and ensure key insights are integrated into incident response playbooks, SOPs, and training programs
• Identify systemic risks and trends from incident data to inform strategic risk mitigation and security program enhancements
• Ensure compliance with regulatory requirements and internal policies through detailed documentation and audit support
• Drive continuous improvement initiatives in incident response processes based on evolving threat landscape and industry best practices
• Represent the PIR function in cross-functional security governance forums and contribute to enterprise-wide cybersecurity strategy

What You Bring

• Bachelor's degree in computer science, Information Security, or related field, or equivalent experience
• 7+ years of progressive experience in Information Security with significant exposure to incident response and post-incident review activities
• Proven leadership experience managing technical and/or non-technical teams in a cybersecurity environment
• Strong expertise in root cause analysis, incident timeline reconstruction, and application of frameworks such as MITRE ATT&CK
• Deep understanding of Cyber Threat TTPs, threat hunting techniques, and enterprise SIEM/security analytics platforms (e.g., Splunk, Exabeam)
• Excellent communication skills with ability to translate complex technical findings for diverse audiences including executives
• Experience developing and refining SOPs, playbooks, and training materials for post incident review or incident response programs
• Familiarity with security frameworks such as ISO 27001, NIST, SOX, and regulatory compliance requirements
• Relevant certifications preferred (e.g., CISSP, GCIH, GSEC, OSCP, CYSA+)

What We'll Bring

During your interview process, our team can fill you in on all the details of our industry-leading benefits and career development opportunities. A few highlights include:

• A work environment built on teamwork, flexibility and respect
• Professional growth and development programs to help advance your career, as well as tuition reimbursement
• Team Member Vehicle Purchase Discount
• Toyota Team Member Lease Vehicle Program (if applicable)
• Comprehensive health care and wellness plans for your entire family
• Toyota 401(k) Savings Plan featuring a company match, as well as an annual retirement contribution from Toyota regardless of whether you contribute
• Paid holidays and paid time off
• Referral services related to prenatal services, adoption, childcare, schools and more
• Tax Advantaged Accounts (Health Savings Account, Health Care FSA, Dependent Care FSA)
• Relocation assistance (if applicable)

Belonging at Toyota

Our success begins and ends with our people. We embrace all perspectives and value unique human experiences. Respect for all is our North Star. Toyota is proud to have 10+ different Business Partnering Groups across 100 different North American chapter locations that support team members' efforts to dream, do and grow without questioning that they belong.

Applicants for our positions are considered without regard to race, ethnicity, national origin, sex, sexual orientation, gender identity or expression, age, disability, religion, military or veteran status, or any other characteristics protected by law.

Have a question, need assistance with your application or do you require any special accommodations? Please send an email to .