Cyber Security Engineer at Toyota R&D

Do you want to work with new technology in real-life development projects and be involved in securing connected vehicles? That possibility may be closer than you think. At Toyota Material Handling R&D department we are strengthening our abilities within the cybersecurity area. As a Cybersecurity Engineer you will have a leading role in our efforts to ensure security and risk management for our fleet management system I_Site.

As a Cyber Security Engineer at Toyota R&D you will:
Identify stakeholder security objectives, risk frameworks and define how these apply to our products and development processes.
Support a secure development and operations lifecycle (DevSecOps)
Work together with our architect team to select components, set requirements and validation methods to ensure fulfillment of the above
Manage asset registers, access reviews and vulnerability scans within our application operation.
Develop proactive and reactive control asset loss strategies and disaster recovery plans together with our application operations.
Work with 3rd party vendors to perform penetration tests and red/blue team exercises.
Be the R & D speaking partner towards TMHE Security Assurance organization.
Connectivity is one of Toyota's rapidly growing focus areas. Within R&D at Toyota Material Handling, we are responsible for the end2end development for IoT in connected vehicles. We are responsible for the entire chain, from sensors in truck to customer's UX on the web. The system has been developed within Toyota since 2008 and is now approaching generation 4. Today there well above 200,000 connected units in more than 70 countries, which places high demands on performance, scalability, availability and of course, security.

The end product is a web-based fleet management system for connected forklift trucks. In addition to a web application, there are also embedded systems on the machines, and mobile apps for the two major platforms. The backend system is a microservice application in Microsoft Azure that is developed in an agile fashion following DevOps processes.

In addition to the developer teams, you will work in close collaboration with the team of solution architects, the IoT management team and the security team at the European IS/IT department. You will also have great support from Microsoft where Toyota Group is a very important customer.

Requirements
For the position as Cyber Security Engineer, we are looking for you who have/are:
Master of Science in Engineering or other relevant technical college education or comparable work experience and certifications.
Experience within cybersecurity risk assessment, policies, control frameworks both related to IT and OT systems, familiarity with control objective frameworks like OWASP, EN 62443 and Azure Secure Development v3.
Experience in taking an organization towards ISO 27001 compliance.
A social mindset and good networking skills.
A broad interest in technology and good problem-solving ability.
Structural and comfortable with a high degree of personal responsibility and independent work.