Principal Engineer - Application Security (Pentesting)

Toyota North America•Plano, TX

1d•Onsite

About The Position

Overview Who we are Collaborative. Respectful. A place to dream and do. These are just a few words that describe what life is like at Toyota. As one of the world’s most admired brands, Toyota is growing and leading the future of mobility through innovative, high-quality solutions designed to enhance lives and delight those we serve. We’re looking for talented team members who want to Dream. Do. Grow. with us. To save time applying, Toyota does not offer sponsorship of job applicants for employment-based visas or any other work authorization for this position at this time. Toyota's Cybersecurity & Risk Management (CSRM) group objective is to become a global cybersecurity leader in the mobility space - with the talent, scale, and services to enable our mission of securely bringing mobility for all. We hope you will join us in this time of transformation and be a part of defining the next-generation cybersecurity capabilities for one of the largest global companies in the world. #Cyber This position is based in Plano, TX. The selected candidate will be expected to reside within a commutable distance of this location. Who we’re looking for Toyota is looking for team members who are passionate about technology and interested in joining a collaborative and highly motivated team as a Application Security - Pentesting . The primary responsibility of this role will be responsible for testing the design and effectiveness of security controls of information systems, networks and applications within the Toyota environment. This role will require hands-on, technical penetration tests of all facets of the Toyota environment, and producing high-quality, actionable reporting and recommendations on those activities. Reporting to the General Manager, the person in this role will join the Core Cybersecurity team to build and maintain secure, scalable, and resilient cloud infrastructure and systems.

Requirements

5+ years of experience in cybersecurity, with a focus on penetration testing activities.
Strong understanding of security principles, attack methodologies, and vulnerability assessment techniques.
Experience with common penetration tooling platforms, such as Kali, etc.
Deep knowledge of common network protocols, operating systems, security tools, and how to exploit/circumvent them.
Excellent analytical, problem-solving, and decision-making skills.
Bachelor’s degree in Computer Science or related discipline, or equivalent work experience.

Nice To Haves

Experience with application development and implementing or developing mitigating controls in a large environment.
Exploitation experience with Active Directory / Azure Active Directory, containerization platforms (Docker, Kubernetes, etc.), and major cloud environments (AWS, Azure, GCP, etc.)
Knowledge of industry-standard frameworks and best practices (e.g., NIST, ISO, OWASP).
Master's degree in Computer Science or related discipline.
Strong written and verbal communication skills, with the ability to effectively convey technical information to both technical and non-technical stakeholders.
Relevant certifications (e.g., OSCP, OSCE, CISSP) are highly desirable.

Responsibilities

Plan, coordinate, and execute application security assessments to identify vulnerabilities, control gaps, and potential attack vectors in Toyota's information systems.
Collaborate with application teams and other cybersecurity teams to ensure effective and comprehensive engagements.
Work closely with the application teams to share insights and knowledge from penetration tests to improve overall security posture.
Analyze and prioritize findings from application security assessments, making data-driven recommendations to enhance the security of Toyota's systems.
Produce high-quality reports detailing the results of exercises, including vulnerabilities, risks, and proposed mitigations, and highlighting larger thematic improvement opportunities.
Provide guidance and support for the implementation of recommended security controls and improvements.
Stay current with emerging threats, trends, and best practices in the cybersecurity landscape to ensure that Toyota's defenses remain effective and up-to-date.
Foster a culture of continuous learning and improvement within the cybersecurity team.

Benefits

A work environment built on teamwork, flexibility, and respect
Professional growth and development programs to help advance your career, as well as tuition reimbursement
Team Member Vehicle Purchase Discount
Toyota Team Member Lease Vehicle Program (if applicable)
Comprehensive health care and wellness plans for your entire family
Toyota 401(k) Savings Plan featuring a company match, as well as an annual retirement contribution from Toyota, regardless of whether you contribute
Paid holidays and paid time off
Referral services related to prenatal services, adoption, childcare, schools, and more
Tax-Advantaged Accounts (Health Savings Account, Health Care FSA, Dependent Care FSA)
Relocation assistance (if applicable)