Senior Engineer - Cybersecurity Risk & Operations Management Developer - ServiceNow

About The Position

Requirements

• Bachelor's Degree (or higher) in Computer Science, Business Administration, Management Information Systems or related discipline, or equivalent professional work experience
• Experience as a hands-on developer in ServiceNow GRC application.
• Experience in Work with ServiceNow modules, including Incident Management, Change Management, Problem Management, and Service Request Management.
• Experience with configuring ServiceNow GRC modules to align with governance, risk, and compliance frameworks.
• Experience in configuration of Policy and Compliance, Risk Management, Audit Management, and Vendor Risk Management Module in ServiceNow.
• Experience in working or coordinating with ServiceNow GRC support for product level defects.
• Experienced with development and/or management of metrics and reporting.
• Experience developing and managing integrations between ServiceNow GRC and other systems/tools using various integration methods.

Nice To Haves

• Certified Implementation Specialist in Risk & Compliance (CIS-RC) or Certified Implementation Specialist (SecOps).
• Certified Implementation Specialist in TPRM (CIS-TPRM)
• Superb analytical and problem-solving abilities in complex situations using enterprise-wide thinking.
• Works with minimal supervision with some specific decision-making authority
• Works with product owner/stakeholders to build requested items and tasks using workflows to manage processes and meeting business requirements.
• Excellent communication skills (verbal and written) to tailor messages to different audiences, presenting it clearly and concisely at the right altitude.
• Ability to manage a wide variety of initiatives across multiple business units.
• At least one of the following Security certifications: CISM, CISA, CISSP, CIA, CIPM, CCSP
• Experience working in Agile and/or Toyota Production System framework; Agile, Scrum, Lean, or related certifications.
• Experience building and/or analyzing GRC and Cybersecurity business cases and experience in product management.
• Demonstrated success in project management, business analysis, and data analysis.
• Proven ability to bring clarity and focus to complex and ambiguous situations.
• Experience with ITIL processes for Service Management.

Responsibilities

• Design, implement, and support ServiceNow SecOps (SIR, VR, TI, CC)
• Implement integrations using REST/SOAP APIs, MID Server, integrations with Tenable, Qualys, Splunk, CrowdStrike, etc. used to enable and automate risk and vulnerability management processes (i.e., risk assessments, risk mitigation strategies, risk register, etc.).
• Design and implement and support scripting and automation efforts using JavaScript, Glide APIs, Business Rules, Script Includes, UI Policies, Client Scripts, Scheduled Jobs.
• Provide business value to Toyota by developing reports for Performance Analytics, KPIs/KRIs, risk heat maps, and create data imports/exports using Transform Maps, Data Sources, and Import Sets.
• Develop custom playbooks and automated response actions using Flow Designer or Integration Hub.
• Implement Security Case Management, IOC correlation, and MITRE ATT&CK mapping.
• Create and maintain technical documentation, such as design specifications, user guides, process documentation, and configuration details.
• Correlate CVEs to affected CIs
• Participate actively in the administration of ServiceNow, encompassing upgrades, updates, and maintenance tasks as needed for GRC modules.
• Apply experience in implementing systems using the Agile/Scrum methodology.
• Evaluate and adopt the latest ServiceNow releases, enhancements in the GRC module, and best practices to bring continuous improvement to the platform.
• Collaborate with product owners, designers, and platform teams to define specifications and deliver features iteratively.
• Partner effectively with cybersecurity, product, platform, internal audit, legal, and other internal peers to support TMNA's compliance with applicable legal, regulatory, and security frameworks.
• Follow best practices for designing and implementing ServiceNow solutions. Ensure that configurations and developments are efficient, scalable, and sustainable.
• Identify opportunities for process optimization, automation, and streamlining tasks.
• Work closely with the Cyber Risk & Operations Management (CROM) team as well as closely partnering with all cybersecurity teams by assisting in the requirements gathering, analysis, design, and implementation of business processes and data migration into the GRC platform.

Benefits

• A work environment built on teamwork, flexibility, and respect.
• Professional growth and development programs to help advance your career, as well as tuition reimbursement.
• Team Member Vehicle Purchase Discount.
• Toyota Team Member Lease Vehicle Program (if applicable).
• Comprehensive health care and wellness plans for your entire family.
• Toyota 401(k) Savings Plan featuring a company match, as well as an annual retirement contribution from Toyota regardless of whether you contribute.
• Paid holidays and paid time off.
• Referral services related to prenatal services, adoption, childcare, schools and more.
• Tax Advantaged Accounts (Health Savings Account, Health Care FSA, Dependent Care FSA)