Senior Engineer - Cybersecurity Risk & Operations Management Developer - ServiceNow

be a part of defining the next-generation cybersecurity capabilities for one of the largest global companies in the world. #Cyber

Who We're Looking For

Toyota's Cyber Security Risk Management Department is looking for a passionate and highly motivated Senior Engineer - Cybersecurity Risk & Operations Management Developer - ServiceNow.

The primary responsibility of this role is to design and implement new risk management capabilities as well as support and enhance current risk management capabilities.

Reporting to the Manager, the person in this role will support the Governance, Risk, and Compliance department's objective to become a global cybersecurity leader in the mobility space - with the talent, scale, and services to enable our mission of securely bringing mobility for all.

What You'll Be Doing

• Design, implement, and support ServiceNow SecOps (SIR, VR, TI, CC)

• Implement integrations using REST/SOAP APIs, MID Server, integrations with Tenable, Qualys, Splunk, CrowdStrike, etc. used to enable and automate risk and vulnerability management processes (i.e., risk assessments, risk mitigation strategies, risk register, etc.).

• Design and implement and support scripting and automation efforts using JavaScript, Glide APIs, Business Rules, Script Includes, UI Policies, Client Scripts, Scheduled Jobs.

• Provide business value to Toyota by developing reports for Performance Analytics, KPIs/KRIs, risk heat maps, and create data imports/exports using Transform Maps, Data Sources, and Import Sets.

• Develop custom playbooks and automated response actions using Flow Designer or Integration Hub.

• Implement Security Case Management, IOC correlation, and MITRE ATT&CK mapping.

• Create and maintain technical documentation, such as design specifications, user guides, process documentation, and configuration details.

• Correlate CVEs to affected CIs

• Participate actively in the administration of ServiceNow, encompassing upgrades, updates, and maintenance tasks as needed for GRC modules.

• Apply experience in implementing systems using the Agile/Scrum methodology.

• Evaluate and adopt the latest ServiceNow releases, enhancements in the GRC module, and best practices to bring continuous improvement to the platform.

• Collaborate with product owners, designers, and platform teams to define specifications and deliver features iteratively.

• Partner effectively with cybersecurity, product, platform, internal audit, legal, and other internal peers to support TMNA's compliance with applicable legal, regulatory, and security frameworks.

• Follow best practices for designing and implementing ServiceNow solutions. Ensure that configurations and developments are efficient, scalable, and sustainable.

• Identify opportunities for process optimization, automation, and streamlining tasks.

• Work closely with the Cyber Risk & Operations Management (CROM) team as well as closely partnering with all cybersecurity teams by assisting in the requirements gathering, analysis, design, and implementation of business processes and data migration into the GRC platform.

What You Bring

• Bachelor's Degree (or higher) in Computer Science, Business Administration, Management Information Systems or related discipline, or equivalent professional work experience

• Experience as a hands-on developer in ServiceNow GRC application.

• Experience in Work with ServiceNow modules, including Incident Management, Change Management, Problem Management, and Service Request Management.

• Experience with configuring ServiceNow GRC modules to align with governance, risk, and compliance frameworks.

• Experience in configuration of Policy and Compliance, Risk Management, Audit Management, and Vendor Risk Management Module in ServiceNow.

• Experience in working or coordinating with ServiceNow GRC support for product level defects.

• Experienced with development and/or management of metrics and reporting.

• Experience developing and managing integrations between ServiceNow GRC and other systems/tools using various integration methods.

Added Bonus If You Have

• Certified Implementation Specialist in Risk & Compliance (CIS-RC) or Certified Implementation Specialist (SecOps).

• Certified Implementation Specialist in TPRM (CIS-TPRM)

• Superb analytical and problem-solving abilities in complex situations using enterprise-wide thinking.

• Works with minimal supervision with some specific decision-making authority

• Works with product owner/stakeholders to build requested items and tasks using workflows to manage processes and meeting business requirements.

• Excellent communication skills (verbal and written) to tailor messages to different audiences, presenting it clearly and concisely at the right altitude.

• Ability to manage a wide variety of initiatives across multiple business units.

• At least one of the following Security certifications: CISM, CISA, CISSP, CIA, CIPM, CCSP

• Experience working in Agile and/or Toyota Production System framework; Agile, Scrum, Lean, or related certifications.

• Experience building and/or analyzing GRC and Cybersecurity business cases and experience in product management.

• Demonstrated success in project management, business analysis, and data analysis.

• Proven ability to bring clarity and focus to complex and ambiguous situations.

• Experience with ITIL processes for Service Management.

What We'll Bring

During your interview process, our team can fill you in on all the details of our industry-leading benefits and career development opportunities. A few highlights include:

• A work environment built on teamwork, flexibility, and respect.

• Professional growth and development programs to help advance your career, as well as tuition reimbursement.

• Team Member Vehicle Purchase Discount.

• Toyota Team Member Lease Vehicle Program (if applicable).

• Comprehensive health care and wellness plans for your entire family.

• Toyota 401(k) Savings Plan featuring a company match, as well as an annual retirement contribution from Toyota regardless of whether you contribute.

• Paid holidays and paid time off.

• Referral services related to prenatal services, adoption, childcare, schools and more.

• Tax Advantaged Accounts (Health Savings Account, Health Care FSA, Dependent Care FSA)

Belonging at Toyota

Our success begins and ends with our people. We embrace all perspectives and value unique human experiences. Respect for all is our North Star. Toyota is proud to have 10+ different Business Partnering Groups across 100 different North American chapter locations that support team members' efforts to dream, do and grow without questioning that they belong.

Applicants for our positions are considered without regard to race, ethnicity, national origin, sex, sexual orientation, gender identity or expression, age, disability, religion, military or veteran status, or any other characteristics protected by law.

Have a question, need assistance with your application or do you require any special accommodations? Please send an email to [email protected] .