Toyota Connected

  • Deputy Chief Information Security Officer (CISO)

    Job Locations US-TX-Plano
    Posted Date 1 month ago(3/22/2018 9:36 AM)
    # of Openings
    Technology Development

    Toyota Connected is a fast paced, cloud-only software development environment that needs an experienced, forward-thinking security leader to become their next Deputy Chief Information Security Officer (CISO).  The Deputy CISO will be responsible for designing, implementing, and optimizing the cybersecurity program including responsibility for ensuring the security of Toyota Connected products and services. The Deputy CISO is responsible for coordinating and reporting of the program to the Toyota North America & Toyota Connected CISO, Toyota Connected CEO, and the Toyota Connected Chief Product Owners.


    • Lead and manage a comprehensive cybersecurity program for Toyota Connected, including:
      • Build and lead a team of 6 to 8 people responsible for core technical and administrative security capabilities
      • Core capabilities span three principal areas:
        • Administrative security - risk management, compliance, policies, contracts, E&A, reporting & metrics
        • Technical security operations - active defense, attack surface reduction, incident response, security baselines, automation of controls, security as code in CI/CD and cloud contexts
        • Product security – Security solutioning and value creation for software product lines including pipeline integration of toolsets that support secure coding, cryptography, and other new components as needed
      • Drive assessment, understanding, and alignment of cybersecurity risk with company senior executives. Recommend actions in line with overall company risk management and gain acceptance at appropriate levels
    • Deliver security for Toyota Connected products and services, including:
      • Facilitate technical conversation with appropriate stakeholders and product owners
      • Oversee security solutions in a progressive development environment
      • Focus on product security requirements and issues tied to Toyota Connected lifecycles within an Agile environment
      • Establish product security policies that encompass the entire product/service lifecycle, from design through production planning, validation, manufacturing, distribution, and service
      • Ensure all products and services are appropriately reviewed from a cybersecurity perspective (scans, red team testing, risk reviews, etc.) before and during deployment


    • Strong knowledge in technical foundations of modern cloud computing security, application security, networking security, and cryptography
    • Fundamental knowledge of cybersecurity administrative principles and practices including planning, risk management, and assessment processes
    • Fundamental knowledge of DevSecOps, DevOps, Agile, and Scrum
    • Clear ability to communicate persuasively and build business case with senior executives up to the board level
    • Ability to prepare, justify, and manage a cybersecurity budget
    • Demonstrable knowledge, understanding, and capabilities via either previous work or certifications in:
      • Cloud Security Concepts and Technology
      • Product Security and SW Development
      • Security operations and delivery
      • Security-related GRC
    • 10 years of experience in Information Security, product SW engineering, information technology or related fields
    • 3 years of senior management experience including ability to lead onsite and remote teams
    • Previous experience in managing cybersecurity across a diverse set of geographies, lines of business, threat environments, regulatory schemes, and contractual requirements
    • Previous experience in a complex, high assurance, connected services environment is a plus


    We offer 

    • Money. (We pay well and we reward excellence)
    • An environment of A-players. We're careful about who we hire because we find that people who are at the top of their field like working around others who know what they're doing
    • Freedom to work with modern technologies in a greenfield environment. We care that you get your work done, but you will get to help decide on how we can leverage modern technologies to solve our challenges
    • Unlimited time off. No one is tracking your time here. You'll be treated like the professional we know you are and left to manage your own time and work load
    • Four months of parental leave. We want new moms and dads to have an opportunity to tend to their new or growing family
    • Nice perks like 401(k) with generous company match, gym memberships, Toyota vehicle discounts, game rooms, free food, team activities and happy hours


    Who is Toyota Connected?


    Toyota Connected is a new company created to bring big data and cloud intelligence into all aspects of the mobility experience so that driving a Toyota or Lexus is more personal, intuitive and safe.  We create and enable technologies that delight and simplify the lives of those who use our products and empower them to think of, and use their vehicle in whole new ways.


    Toyota Connected is proud to be an equal opportunity employer that celebrates the diversity of the communities where we live and do business. Applicants for our positions are considered without regard to race, ethnicity, national origin, sex, sexual orientation, gender identity or expression, age, disability, religion, military or veteran status, or any other characteristics protected by law.


    *No 3rd Party Agencies Please




    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed