CROM Third-Party Cyber Risk Management Senior Engineer

Overview

Who we're looking for

Toyota’s Cybersecurity and Risk Management (CSRM) Department is looking for a passionate and highly motivated Third-Party Cyber Risk Management (TPCRM) Engineer II.

The primary responsibility of this role is to collaborate with a wide range of internal Toyota business groups and with external third parties.

Work with internal members to recommend and implement process improvements related to daily work to improve efficiency and results for the TPCRM program.

Work with third parties to assess cybersecurity posture and support remediation activities. This position requires an understanding of Cybersecurity, a strong passion to learn the TPCRM Program, inquisitiveness about the processes to identify improvement opportunities, and a strong team player.

Reporting to the TPCRM Manager, the person in this role will support the CSRM department's objective to become a global cybersecurity leader in the mobility space by using leading cybersecurity capabilities including :

Connected vehicles .

Contactless customer experience

A secure, modern workplace for employees

Third-Party Cybersecurity Risk Management (TPCRM)

We are looking for self-motivated individuals who want to grow in their capabilities and contribute to the overall TPCRM Program enhancements to support Toyota’s expansive ecosystem.

What you'll be doing

Collaborate with internal Toyota groups such as Purchasing, Indirect Procurement, Retail Market Development Operations, IT Business Partners, etc.

to gather a holistic Third-Party Universe for Toyota Motor North America that can be systemically updated and maintained with an accurate count.

Track TPCRM Inherent Risk Assessment (IRA) and Cyber Risk Assessment (CRA) status and final ratings as well as a mechanism to flag overdue items and escalate to Assessors responsible appropriately.

Develop and maintain a visual and repeatable Monthly Tracking Report on IRAs and CRAs completion rate, escalation status, and Third-Party Universe

Kick off IRAs with internal business functions and IT.

Recommend and implement process improvements related to daily work to improve efficiency and results for the TPCRM team and internal business functions.

Support TPCRM Team with coordinating TPCRM and Cybersecurity Awareness meetings, and Best Practices info-sharing sessions with internal business functions, Dealers, and Suppliers

Perform CRAs with low-risk Suppliers and shadow other assessors to learn the cybersecurity technical requirements, security and data controls needed in place, and how to navigate the technical landscape internally and externally with key stakeholders.

What you bring

Bachelor’s degree in computer science, other engineering, related field, or equivalent experience

Experience in IT and / or Cybersecurity

Experience in strategy, consulting, engineering, or other relevant discipline

Experience working in an environment requiring strong interpersonal skills collaboration, building trust, team player.

Experience using problem-solving abilities.

Experience using communication skills (verbal and written) to tailor messages to different audiences, presenting them clearly and concisely at the right altitude,

Experience leading or being an active participant in cross-functional projects or activities.

Experience working in an environment requiring management of a wide variety of initiatives across multiple business units.

Added bonus if you have

Experience in Compliance

Experience working in an environment requiring a proactive, motivated individual who can self-manage and execute once given strategic direction.

Experience working in an agile framework.

Experience building and / or analyzing financial business cases.

Experience in product management

Demonstrated success in project management, business analysis, and data analysis.

Proven ability to bring clarity and focus to complex and ambiguous situations.

What we'll bring

During your interview process, our team can fill you in on all the details of our industry-leading benefits and career development opportunities.

A few highlights include :

A work environment built on teamwork, flexibility, and respect.

Professional growth and development programs to help advance your career, as well as tuition reimbursement.

Vehicle purchase & lease programs

Comprehensive health care and wellness plans for your entire family

Flextime and virtual work options (if applicable)

Toyota 401(k) Savings Plan featuring a company match, as well as an annual retirement contribution from Toyota regardless of whether you contribute.

Paid holidays and paid time off

Referral services related to prenatal services, adoption, childcare, schools and more.

Flexible spending accounts