Regional Governance Manager & Virtual CISO

Overview

Who we are

Collaborative. Respectful. A place to dream and do. These are just a few words that describe what life is like at Toyota. As one of the world's most admired brands, Toyota is growing and leading the future of mobility through innovative, high-quality solutions designed to enhance lives and delight those we serve. We're looking for talented team members who want to Dream. Do. Grow. with us.

An important part of the Toyota family is Toyota Financial Services (TFS), the finance and insurance brand for Toyota and Lexus in North America. While TFS is a separate business entity, it is an essential part of this world-changing company- delivering on Toyota's vision to move people beyond what's possible. At TFS, you will help create best-in-class customer experience in an innovative, collaborative environment.

Senior Consultant, vCISO

Location: Plano, TX

Excited to grow your career at Toyota?

We value our talented employees, and whenever possible strive to help one of our associates grow professionally before recruiting new talent to our open positions. If you think the open position you see is right for you, we encourage you to apply!

Our people make all the difference in our success.

An important part of the Toyota family is Toyota Financial Services (TFS), the finance and insurance brand for Toyota and Lexus in North America. While TFS is a separate business entity, it is an essential part of this world-changing company - delivering on Toyota's vision to move people beyond what's possible. At TFS, you will help create best-in-class customer experiences in an innovative, collaborative environment.

To save time applying, Toyota does not offer sponsorship of job applicants for employment-based visas or any other work authorization for this position at this time.

Who We're Looking For

Toyota Financial Services (TFS) Technology team is looking for a highly motivated person to fill a role as a Senior Consultant, Virtual Chief Information Security Officer.

The primary responsibility of this role is an internal consultant acting as the senior-most security professional on assignment with one or more TFS Group companies delivering the overall Information Security program for the assigned TFS Group company(ies). Working closely across the executive layer, the vCISO will lead direct interactions with the assigned TFS Group company's Executive leadership teams (e.g., Board of Directors, Management Committees, etc.) to communicate critical security issues, risks, and remediation plans in line with statutory requirements and regulations. This key role will advocate for security improvements driving maturity and risk reduction with executive leadership providing strategy, executive influence, mentoring, and thought leadership at the TFS Group company(ies) they are assigned to.

This role will be working in the Global Information Security Services group within the Information Security team and will collaborate and interact with companies and teams across the global TFS Group with focus on Americas region.

What you'll be doing

• Directly integrate with and lead executive-level conversations ensuring collaborative security inclusion early and often in business initiatives.
• At the executive layer, collaborate with and influence business units across the organization and third-party vendors to provide guidance on security controls for managing risk for the assigned company(ies).
• Develop and influence multi-year security roadmaps and strategies with the assigned company(ies).
• Continually mature the Information Security program ahead of business needs to implement security services for the business proactively.
• Develop and present key security risk metrics and reports to executive leadership to drive awareness of and action outcomes for increasing security maturity.
• Promote awareness of security issues among management and ensure sound security principles are reflected in the organization's vision and goals.
• Acquire and manage the necessary resources, including leadership support, financial resources, and key security personnel, to support security goals and objectives to reduce organizational risk.
• Create and maintain an information security-conscience culture within each assigned company.
• Represent the assigned company(ies) as an ambassador in various settings such as executive meetings, committees, vendor relationships, public-private partnerships, etc.
• Evaluate policy, standards, and implementation strategies to ensure procedures and guidelines comply with cybersecurity policies.
• Monitor and evaluate the effectiveness of the enterprise's cybersecurity technical safeguards to ensure they provide the intended level of protection.
• Identify security requirements for an information technology (IT) system in all system life cycle phases.
• Ensure that action plans and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.
• Oversee the development and integration of cybersecurity designs for systems and networks with multilevel security requirements and requirements for processing multiple data classification levels.
• Evaluate protective controls, such as Intrusion Prevention Systems, Web Application Firewalls, Endpoint Protection, Data Loss Prevention, Encryption Systems, Firewall Configurations, Vulnerability Management, etc., to meet the organization's security standards.

What You Bring

• Concise, polished executive presence and communication skills (written and verbal)
• Exceptional leadership, project, and team-building skills, including the ability to lead teams and drive projects and initiatives in multiple departments.
• 10+ years' experience in information security or similar field at least 5 years of which as a senior security manager/consultant, vCISO, BISO, CISO, or equivalent role that was responsible for broad security program development and operations.
• Ability to translate a deep understanding of business needs into practical security solutions and identify risks associated with business processes, operations, information security programs and technology projects.
• Detailed understanding of security strategies and industry-leading program design
• Familiarity with common security technology solution types: e.g. firewall, router, VPN, IDS/IPS, SIEM, vulnerability scanners, Cloud Access Security Brokers, Data Loss prevention solutions, anti-virus, single sign on, etc.
• Familiarity with common security processes such as: access control, user lifecycle management and access governance, vulnerability management, data protection, security governance, security operations, incident response, etc.
• Knowledge and experience in security frameworks including ISO 27001, NIST and OWASP Top 20
• Experience designing security in large public cloud technologies (AWS/Azure/Google Cloud Platform

Added bonus if you have

• Spanish and/or Portuguese language proficiency
• Experience conducting audits or reviews of technical systems utilizing computer protection components (e.g., hardware firewalls, servers, intrusion prevention, web application firewalls, anti-virus, as appropriate).
• Security profession certification such as CISSP, CCISO, CCSP, CCSK, ISSAP, etc.
• Experience with security/privacy impacting regulations/frameworks across US and international markets (e.g., FFIEC, CCPA, GDPR, LGPD) and their applicability to technologies and applications

What we'll bring

During your interview process, our team will provide detailed information about our industry-leading benefits and career development opportunities. Here are a few highlights:

• A work environment built on teamwork, flexibility, and respect.
• Professional growth and development programs to help advance your career, including tuition reimbursement.
• Team Member Vehicle Purchase Discount.
• Toyota Team Member Lease Vehicle Program (if applicable).
• Comprehensive health care and wellness plans for your entire family.
• Toyota 401(k) Savings Plan with a company match, plus an annual retirement contribution from Toyota regardless of your own contributions.
• Paid holidays and paid time off.
• Referral services for prenatal services, adoption, childcare, schools, and more.
• Tax advantaged Accounts (Health Savings Account, Health Care FSA, Dependent Care FSA) .
• Relocation assistance (if applicable).

Belonging at Toyota

Our success begins and ends with our people. We embrace all perspectives and value unique human experiences. Respect for all is our North Star. Toyota is proud to have 10+ different Business Partnering Groups across 100 different North American chapter locations that support team members' efforts to dream, do and grow without questioning that they belong.

Applicants for our positions are considered without regard to race, ethnicity, national origin, sex, sexual orientation, gender identity or expression, age, disability, religion, military or veteran status, or any other characteristics protected by law.

Have a question, need assistance with your application or do you require any special accommodations? Please send an email to .