OverviewWho we're looking forToyota's Cyber Risk Department is looking for a passionate and highly motivated
Senior Cyber Risk Assurance Analyst.The primary responsibility of this role is to design, manage, and maturing the Information Security Governance, Risk, and Compliance program. In this role, you will engage with leaders across the organization (e.g., Information Security, Data and Technology, Legal, Privacy, etc.) to establish and mature the GRC program and supporting processes. This leader must demonstrate broad knowledge of Information Security processes, as well as a strong understanding of industry frameworks (e.g. NIST CSF, ISO 27001, PCI DSS, etc.), and regulatory requirements (e.g. Sarbanes-Oxley, FFIEC, etc.).
What you'll be doing- Cybersecurity Governance Strategy: Develop and implement a comprehensive cybersecurity governance strategy aligned with organizational goals, risk management, regulatory needs, and industry best practices.
- Policy Development: Create, update, and enforce cybersecurity policies, standards, and processes to ensure compliance with regulations and industry standards. Stay current with changes to existing regulations and newly emerging regulations or industry guidance applicable to Toyota companies and provide timely guidance regarding potentially impacting changes.
- Security Audits: Liaise with stakeholders to support security-related regulatory and statutory audit and assessment activities.
- Compliance: Manage the remediation of audit and assessment findings by partnering closely with Information Security leaders and other stakeholders to develop remediation plans and ensuring the countermeasures are in place on a timely basis.
- Dashboards and reporting: Develop and manage clear risk and compliance dashboards, that can be tailored to differing audiences (i.e. management, executives, etc.) to communicate risks and mitigation strategies.
- Security Tools and Technologies: Oversee the selection, implementation, and management of cybersecurity governance tools and technologies.
What you bring- Bachelor's degree in computer science, information technology, or a related field.
- Proven experience (4-6 years) in IT audit and / or cybersecurity roles, with a strong background in cybersecurity frameworks, strategy, standards, and regulations.
- Strong ability to influence and build relationships with LOB stakeholders, technology leadership, internal, and external partners.
- Strong project management, strong writing proficiency, and organizational abilities.
- Experience conducting Information Security risk assessments.
Added bonus if you have- Certified Information Systems & Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Information Security Auditor (CISA) certifications.
- Progressive work experience in a similar field and / or industry.
What we'll bringDuring your interview process, our team can fill you in on all the details of our industry-leading benefits and career development opportunities.
A few highlights include:
• A work environment built on teamwork, flexibility and respect
• Professional growth and development programs to help advance your career, as well as tuition reimbursement
• Team Member Vehicle Purchase Discount
• Toyota Team Member Lease Vehicle Program (if applicable)
• Comprehensive health care and wellness plans for your entire family
• Toyota 401(k) Savings Plan featuring a company match, as well as an annual retirement contribution from Toyota regardless of whether you contribute
• Paid holidays and paid time off
• Referral services related to prenatal services, adoption, childcare, schools and more
• Tax Advantaged Accounts (Health Savings Account, Health Care FSA, Dependent Care FSA)
• Relocation assistance (if applicable)