Overview Who we are

Collaborative. Respectful. A place to dream and do. These are just a few words that describe what life is like at Toyota. As one of the world’s most admired brands, Toyota is growing and leading the future of mobility through innovative, high-quality solutions designed to enhance lives and delight those we serve. We’re looking for talented team members who want to Dream. Do. Grow. with us.

An important part of the Toyota family is Toyota Financial Services (TFS), the finance and insurance brand for Toyota and Lexus in North America. While TFS is a separate business entity, it is an essential part of this world-changing company- delivering on Toyota's vision to move people beyond what's possible. At TFS, you will help create best-in-class customer experience in an innovative, collaborative environment.

To save time applying, Toyota does not offer sponsorship of job applicants for employment-based visas or any other work authorization for this position at this time.

Who We’re Looking For:

Toyota Financial Services (TFS) Technology team is looking for a highly motivated person to fill a role as a Product Security Lead.

The primary responsibility of this role is to support security initiatives across the product lifecycle to ensure all products are designed, developed, and maintained with strong security principles. This role partners closely with product management, engineering, and security teams to embed security into product development, mitigate risks, and protect customers and company assets from evolving threats. This role requires deep technical expertise in product security, strong leadership abilities, and the capacity to collaborate effectively with cross-functional teams.

What you’ll be doing

• Lead and collaborate with product engineering teams to build securely leveraging threat modeling, secure design reviews, vulnerability assessments, and security testing.

• Collaborate with product managers, engineers, and architects to integrate security requirements and controls into the product development lifecycle (PDLC).

• Oversee security risk assessments and mitigation plans for new and existing products.

• Lead the design and implementation of product security policies, standards, and best practices in alignment with industry standards and regulatory requirements.

• Safeguard our organization’s products with a comprehensive understanding of their security posture spanning every stage of the software lifecycle, enabling rapid, resilient delivery of value to customers.

• Partner with security architecture, application security, cyber defense, product, IT operations, risk and governance ensuring products are secure.

• Leverage data-driven practices—centered on introducing an Application Security Posture Management (ASPM) platform—to continuously assess, prioritize risk remediation across applications, services, and pipelines.

• Monitor and analyze security incidents related to applications, and coordinate incident response and remediation efforts as needed.

• Stay current with emerging threats, vulnerabilities, and industry trends in product security.

• Develop and maintain documentation related to product security architecture, processes, and procedures.

What You Bring

• Bachelor's degree in Computer Science, Information Security, or a related field; advanced degree preferred.

• Extensive and progressive experience of 8+ years in application security, with a focus on secure software development practices and techniques.

• Strong understanding of web application security vulnerabilities and mitigation strategies, such as OWASP Top 10.

• Proficiency in programming languages commonly used in web application development, such as Java, Python, or JavaScript.

• Certifications such as CISSP, CSSLP, CEH, or similar are highly desirable.

• Excellent analytical and problem-solving skills, with the ability to analyze complex application security issues and recommend effective solutions.

• Strong leadership and communication skills, with the ability to collaborate effectively with cross-functional teams and communicate technical concepts to non-technical stakeholders.

• Experience with cloud security, containerization, and Dev Sec Ops practices is a plus.

Added bonus if you have

• Experience with developing and Implementing Cyber Security Policies.

• Risk Management Experience in a regulated environment.

• Knowledge of Cyber Security Regulations and Laws.

• Cyber Incident Response experience.

What We’ll Bring

During your interview process, our team can fill you in on all the details of our industry-leading benefits and career development opportunities. A few highlights include:

• A work environment built on teamwork, flexibility, and respect

• Professional growth and development programs to help advance your career, as well as tuition reimbursement

• Vehicle purchase & lease programs

• Comprehensive health care and wellness plans for your entire family

• Toyota 401(k) Savings Plan featuring a company match, as well as an annual retirement contribution from Toyota regardless of whether you contribute

• Paid holidays and paid time off

• Referral services related to prenatal services, adoption, childcare, schools and more

• Relocation assistance (if applicable)

Belonging at Toyota

Our success begins and ends with our people. We embrace all perspectives and value unique human experiences. Respect for all is our North Star. Toyota is proud to have 10+ different Business Partnering Groups across 100 different North American chapter locations that support team members’ efforts to dream, do and grow without questioning that they belong.

Applicants for our positions are considered without regard to race, ethnicity, national origin, sex, sexual orientation, gender identity or expression, age, disability, religion, military or veteran status, or any other characteristics protected by law.

Have a question, need assistance with your application or do you require any special accommodations? Please send an email to talent.acquisition@toyota.com.