Security Analytics Platform Engineer
Collin County, TX
Collaborative. Respectful. A place to dream and do. These are just a few words that describe what life is like at Toyota. As one of the world's most admired brands, Toyota is growing and leading the future of mobility through innovative, high-quality solutions designed to enhance lives and delight those we serve. We're looking for diverse, talented team members who want to Dream. Do. Grow. with us.
Who we're looking for
The Security Analytics Platform Engineer is responsible for global system and security event data collection, correlation, analytics and platform management at TFS. Cyber Threats are omnipresent and actively pursue new vectors to compromise or disrupt businesses. Security is a top priority for TFS and the Information Security team actively implements capabilities to prevent and respond to Cyber Threats. This engineering role is expected to have a high degree of technical knowledge regarding the collection of various hardware and software events to lead the Security Incident and Event Management (SIEM) and User Behavior and Entity Analytics (UEBA) platforms.
Part of a larger team, the role will contribute to the overall growth and maturity of the Global Information Security Services program. The position will collaborate and liaise with the Global Security Operations Center (SOC) team, internal and international affiliate IT, Security, and business units. The individual will contribute to meeting our operational excellence goals by managing log prioritization, troubleshooting errors and misconfigurations, performing platform administration, and informing strategic planning decisions.
What you'll be doing
Data Security Tool Management
- Manage existing and future Security Incident and Event Management (SIEM) and User Behavior and Entity Analytics (UEBA) platforms to ensure platforms are detecting current attack patterns based on evolving threats and risks.
- Design, test, implement, and tune detection and prevention controls in respective platforms as a response to data security policy, regulation, best practices, penetration testing, etc.
- Research, plan, design, implement and retire respective SIEM & UEBA applications to meet industry, internal and regulatory specifications for TFS and affiliate organizations
- Ensure a 99.99% uptime in existing & future Analytics platforms from avoidable defects; responsible for troubleshooting issues, defects, bugs, or other concerns affecting system performance
- Responsible for maintaining and enhancing documentation of the current and future Security Applications, including but not limited to architectural, configuration and procedural documentation
Program Support & Maturity
- Direct and participate in remediation efforts related to discovered incidents within SIEM and UEBA platforms; remediation activities may include but are not limited to responding to incidents, penetration tests, vulnerability scans, internal/external audits and critical practice assessments
- Conduct periodic training and knowledge transfer sessions for external/internal department staff and business partners
- Identify, develop, maintain and enhance reports and metrics for various technical and non-technical audiences; reports include but are not limited to incident volume and system performance and detection summaries in raw and visual representation formats
- Optimize existing platforms to generate the greatest return on investment; review software, hardware, and subscription contracts annually for cost savings or program maturity opportunities
- Recommend and optimize system policies/configurations to best support the effectiveness of the tools and performance of analysts reviewing incidents
Governance & Engagement
- Understand the role of the security department and how it contributes to the overall goals and business strategy of the Company
- Maintain industry and regulatory knowledge, as it relates to Data Security, to contribute to the global data protection program
- Coordinate, review and audit all system changes to ensure they follow defined change management policies
- Responsible for the development and execution of SIEM/UEBA roadmap activities while meeting current and future regulatory and internal requirements
What you bring
High School Education or Equivalent required
Experience working in a Security Operations Center (SOC) or Incident Responder environment such as L1, L2, L3, forensics or equivalent environment
Experience administering Security Incident and Event (SIEM) tools such as IBM QRadar, Splunk, ArcSight, LogRhythm or any other equivalent tools
Experience with Windows or Linux operating systems
Experience with Network Security using tools such as Palo Alto, FireEye, Cisco or related tools
Added bonus if you have
GIAC, CEH, Security certification
Endpoint Security experience using tools such as McAfee ENS, Symantec SEP, CrowdStrike, Cylance
What we'll bring
During your interview process, our team can fill you in on all the details of our industry-leading benefits and career development opportunities. A few highlights include:
A work environment built on teamwork, flexibility and respect
Professional growth and development programs to help advance your career, as well as tuition reimbursement
Vehicle purchase & lease programs
Comprehensive health care and wellness plans for your entire family
Flextime and virtual work options (if applicable)
Toyota 401(k) Savings Plan featuring a company match, as well as an annual retirement contribution from Toyota regardless of whether you contribute
Paid holidays and paid time off
Referral services related to prenatal services, adoption, child care, schools and more
Flexible spending accounts
Relocation assistance (if applicable)
What you should know
Our success begins and ends with our people. We embrace diverse perspectives and value unique human experiences. We are proud to be an equal opportunity employer that celebrates the diversity of the communities where we live and do business. Applicants for our positions are considered without regard to race, ethnicity, national origin, sex, sexual orientation, gender identity or expression, age, disability, religion, military or veteran status, or any other characteristics protected by law.
Have a question or need assistance with your application? Check out the How to Apply section of our careers page on Toyota.com
To save time applying, Toyota does not offer sponsorship of job applicants for employment-based visas or any other work authorization for this position at this time