Application Security Engineer (Cloud)

About The Position

Requirements

• 3+ years of experience in Application Security, Product Security, or DevSecOps
• Practical experience performing threat modeling and security reviews for applications or services
• Hands-on experience securing applications running in AWS
• Experience using Infrastructure as Code tools (Terraform, OpenTofu, Cloudformation, Crossplane, etc.)
• Experience working with CI/CD pipelines
• Working knowledge of API security, authentication, authorization, and service-to-service communication
• Solid experience with Linux/Unix systems
• Ability to write clear, maintainable scripts in Python, Bash, or PowerShell
• Familiarity with modern application security practices (Secure SDLC, OWASP Top 10, etc.)
• Strong problem-solving skills and the ability to escalate risks appropriately
• Ability to collaborate effectively with engineers and security peers
• Strong and effective written and verbal communication skills

Responsibilities

• Perform threat modeling and application security reviews for cloud services and APIs, including systems that interface with vehicle platforms
• Review and provide feedback on application and cloud security architecture in partnership with senior engineers and architects
• Work with engineering teams to integrate security controls into application design, CI/CD pipelines, and deployment workflows
• Implement and operate application security tooling, including SAST, DAST, dependency scanning, and container/image scanning
• Help maintain and improve application and cloud security controls to support rapid development and experimentation
• Assist in designing and validating logging, monitoring, and telemetry to support detection and response
• Develop automation scripts and integrations to improve security coverage and reduce manual effort
• Participate in an on-call rotation to support security incident response, investigations, and remediation activities
• Collaborate with IT, Operations, and Cloud teams to deploy and operate threat detection and mitigation capabilities
• Contribute to risk and threat documentation and communicate findings to engineering partners
• Engage with Toyota's global cloud and security organizations to support alignment and knowledge sharing

Benefits

• In addition to an excellent compensation and benefits package, you’ll also receive:
• A Career Path that allows you to take your career to the next level.
• Annual $2,500 Training Budget to help you grow and develop your professional skills.
• Unlimited time off and flexibility for a great work-life balance.
• At TC you'll be treated like the professional we know you are and left to manage your own time and workload.
• Home office stipend of $1,000 to help furnish an ergonomic remote office.
• Four months of paid parental leave. We want new moms and dads to have an opportunity to bond with their new little bundles of joy.
• Adoption Assistance of $5,000 for regular adoptions or $6,000 for special needs. We know adoption costs can add up, and we want to help.
• 401(k) with generous company match that is fully vested day one.
• Toyota and Lexus vehicle discounts to allow you to drive in style.
• Generous vehicle allowance for new and leased Toyota and Lexus vehicles. Scratch that vehicle payment off your monthly bills!
• Annual Patent-a-thons and Hackathons to embrace your superior creative thinking ability.
• Annual Wellness Stipend of $1000 to help balance your overall mental and physical health.
• Free catered lunches when working onsite. We try to keep it healthy, but Fridays are "cheat" days, so you can get your carbs on!
• Two fully stocked Nespresso bars for your coffee and tea fixes.
• No dress code! Come as you are. We know the smart people we hire don’t need to be told what to wear.
• Free covered garage parking to shield your vehicle from those sneaky storms and to protect your buns from the Texas sun.