Application Security, Lead

Overview

Who we are

To save time applying, Toyota does not offer sponsorship of job applicants for employment-based visas or any other work authorization for this position at this time.

Who we’re looking for

Toyota Financial Services (TFS) Technology team is looking for a highly motivated person to fill a role as an Application Security team lead to embed security within our DevOps processes. The candidate will collaborate with development and operations teams to secure software delivery pipelines, automate security controls, and promote a culture of security early in the development process. The role involves ensuring the security and integrity of our products and third-party software, providing guidance on security risks and secure development architecture across Anthropic.

What you’ll be doing

• Lead the assigned Application Security team members.

• Design and maintain secure CI/CD pipelines.

• Integrate security tools like SAST, DAST, and SCA into development processes.

• Automate security testing and compliance checks.

• Monitor and respond to security incidents in cloud and container environments.

• Enforce security policies, standards, and procedures to be used in secure development.

• Conduct comprehensive vulnerability assessments on web applications, APIs, and mobile applications.

• Collaborate with development, DevOps, and security teams to incorporate DAST into CI/CD workflows.

• Analyze scan results, validate findings, and prioritize remediation efforts based on risk levels.

• Stay updated on emerging threats and vulnerabilities relevant to application security.

• Provide guidance and training on interpreting reports and strategies for remediation.

What you bring 

• Typically, 4-8 years of experience in application security, with significant hands-on experience using SAST/SCA/DAST tools and methodologies.

• Proven expertise in testing complex web applications, APIs, and mobile applications for security vulnerabilities.

• Strong understanding of application security standards (e.g., OWASP Top Ten, SANS CWE Top 25).

• Familiarity with programming languages and frameworks commonly used in web and mobile applications, including Java, Python, Bash/Shell Scripting, PHP, Javascript, etc.

• Familiarity with applying Artificial Intelligence (AI) or Machine Learning (ML) techniques in cybersecurity contexts (e.g., anomaly detection, threat hunting, behavioral analytics, or risk scoring).

• Strong understanding of CI/CD tools (e.g., Jenkins, Harness, GHA).

• Familiarity with containerization and orchestration (Docker, Kubernetes).

• Knowledge of cloud platforms (AWS, Azure, GCP) and their security features.

• Knowledge of Infrastructure as Code (Terraform, Ansible).

Added bonus if you have 

• Strong analytical and problem-solving skills.

• Excellent communication and collaboration abilities.

• Ability to work in a fast-paced, agile environment.

• Ability to lead security testing initiatives and mentor junior security engineers.

What we’ll bring 

During your interview process, our team will provide detailed information about our industry-leading benefits and career development opportunities. Here are a few highlights: 

• A work environment built on teamwork, flexibility, and respect. 

• Professional growth and development programs to help advance your career, including tuition reimbursement. 

• Team Member Vehicle Purchase Discount. 

• Toyota Team Member Lease Vehicle Program (if applicable). 

• Comprehensive health care and wellness plans for your entire family. 

• Toyota 401(k) Savings Plan with a company match, plus an annual retirement contribution from Toyota regardless of your own contributions. 

• Paid holidays and paid time off. 

• Referral services for prenatal services, adoption, childcare, schools, and more. 

• Tax advantaged Accounts (Health Savings Account, Health Care FSA, Dependent Care FSA). 

• Relocation assistance (if applicable). 

Belonging at Toyota

Our success begins and ends with our people. We embrace all perspectives and value unique human experiences. Respect for all is our North Star. Toyota is proud to have 10+ different Business Partnering Groups across 100 different North American chapter locations that support team members’ efforts to dream, do and grow without questioning that they belong.

Applicants for our positions are considered without regard to race, ethnicity, national origin, sex, sexual orientation, gender identity or expression, age, disability, religion, military or veteran status, or any other characteristics protected by law.

Have a question, need assistance with your application or do you require any special accommodations? Please send an email to talent.acquisition@toyota.com.