Cyber Threat Emulation Operator, Lead

The Toyota Financial Services Information Security Department is looking for a passionate and highly motivated Cyber Threat Emulation Lead.     

Reporting to the National Manager of Threat Emulation & Investigations, this role will collaborate with other Red Team operators to simulate threat actor techniques.  The primary focus is to evaluate and enhance cyber defenses through Red Team operations, penetration testing, and technical control assessments. Additionally, this role supports global shared security services and collaborates with TFS Group companies as needed.  

This role is an in-office position based at our Plano, TX headquarters. Candidates are expected to live within a commutable distance to Plano and work on-site Monday through Thursday, with hybrid work options available on Fridays.  

What you’ll be doing  

• Design and execute red team operations to test the quality of our cyber controls using threat actor techniques 

• Create detailed reports capturing the results of operations and/or penetration tests with appropriate evidence and mitigation strategies 

• Partner with key stakeholders, including technology owners and other security teams, to share results, provide insights, and improve the readiness of detection and response capabilities 

• Effectively evaluate the risk of identified findings for remediation prioritization 

• Leverage your technical skillset to provide assistance and guidance to security events as needed 

• Stay current on global cyber trends/attacks for application to the Toyota environment 

• Serve as a role model for continuous learning, cooperation, and knowledge sharing with teammates 

• Building a trusting and safe environment where problems can be raised without fear of blame, retribution, or being judged, with an emphasis on problem-solving 

What you bring  

• A curious mindset and desire to learn 

• At least seven (7) or more years of experience in one or more of the following domains: 

• Red Team operations (Kali, Cobalt Strike, Outflank, Brute Ratel, Sliver, Nighthawk) 

• Software development  

• OffSec infrastructure management 

• Penetration testing (network/web/mobile: Nessus, Qualys, Burp Suite) 

• Reverse engineering 

• Social Engineering 

• Cloud, AI 

• Suitable for executive engagement and the capability to influence and encourage prioritization of security initiatives 

• Bachelor’s Degree from an accredited institution, or equivalent experience 

Added bonus if you have  

• Relevant security certification (CRTO, OSCP, OSWE, CISSP)  

• Familiarity with security frameworks for attack (MITRE ATT&CK, Cyber Kill Chain), threat modeling (STRIDE, CVSS), and guidance (NIST, PCI). 

• Understanding of regulatory issuances, such as CFPB, GLBA and SOX, and their applicability to technologies, applications and privacy laws (GDPR & CCPA) and other legal and compliance privacy and information security requirements.  

• Advanced degree with a concentration in an IT related area. 

What we’ll bring  

During your interview process, our team can fill you in on all the details of our industry-leading benefits and career development opportunities. A few highlights include:  

• A work environment built on teamwork, flexibility, and respect  

• Professional growth and development programs to help advance your career, as well as tuition reimbursement  

• Team Member Vehicle Purchase Discount  

• Toyota Team Member Lease Vehicle Program (if applicable)  

• Comprehensive health care and wellness plans for your entire family  

• Toyota 401(k) Savings Plan featuring a company match, as well as an annual retirement contribution from Toyota regardless of whether you contribute  

• Paid holidays and paid time off  

• Referral services related to prenatal services, adoption, childcare, schools and more  

• Relocation assistance (if applicable)