Job Description: Our Information Security group is responsible for protecting corporate information assets from unauthorized disclosure, accidental or intentional loss of data, and modification. This group works to proactively identify existing and emerging risks and threats, as well as implement strategies and identify mitigations to corporate risks by working directly with our business partners. The Information Security Analyst is responsible for providing strategic security guidance to business units and technology domains delivering solutions with similar functions. This role will provide guidance and feedback based on reviews of product release. The successful candidate will interact with a broad cross-section of personnel to coach business and information technology owners in creative ways they can help secure Toyota data. Acting as an Information Security ambassador to the business, this role determines security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments studying architecture/platform and mitigating integration issues to enable business needs.
Must have experience with Application Reviews, Releases, and Analysis. Essential Job Functions / Accountabilities % of Time Spent BISO Activities - Perform risk assessments of information systems and infrastructure at product release; recommend appropriate risk treatment and mitigation options, and effectively articulate findings and recommendations to IT project teams and management.
- Build an information security-conscience culture within each responsible business unit.
- Communicate current and emerging security threats to the business and across security domains.
- Create solutions that balance business requirements with information and cyber security requirements.
- Collaborate with business units, application teams, architectural teams, and third-party vendors to provide guidance on security controls for managing risk for TFS.
- Aid in the development of (security) Threat Model designs and exercises.
- Maintain highly developed knowledge of security best practices and technologies.
- Manage the communication of technical topics to diverse audiences including technology teams, leaders, and business users without a technical background.
- Manage multiple simultaneous fast-paced projects covering diverse business initiatives. Work on multiple projects and tasks concurrently.
- Communicate technical topics to diverse audiences including technology teams, leaders, and business users without a technical background.
75%
BISO Service Management - Conduct active service improvement conversations with key business stakeholders to ensure that the BISO services are operating at optimal levels.
- Report, communicate, and provide feedback to other BISO's and senior Information Security management in the performance of the BISO function.
- Identify, contribute to, and develop process improvements to increase efficiency in BISO function, in information security generally, and in the responsible business and technology domain.
25% The following functions/accountabilities are essential for all jobs: Work collaboratively with team members Meet regular performance expectations Ability to maintain regular and predictable attendance to support team and business objectives. Capability to work flexible hours, which may include day, evening and weekend hours. Ability to be at work on time, to return from breaks and lunch periods on time and to leave the work area after the end of their scheduled workday (applicable to jobs subject to attendance policy) Other related functions/accountabilities may be assigned, but are not essential
Additional Job Functions Maintain highly developed knowledge of security best practices and technologies. Effectively identify, communicate, and escalate issues in a timely fashion.