MCPNew: now works with Claude & AI assistants
Toyota

Toyota

Information Security Analyst

Company

Toyota

Role

Information Security Analyst

Location

Canada

Job type

Full-time

Found on Mokaru

Yesterday

Share this job

Salary

$82k - $105k/yearly

Job description

Job Description

Information Security Analyst

About Toyota Financial Services

Toyota Financial Services (TFS) provides retail, leasing and wholesale financial services to Toyota and Lexus dealerships and customers across Canada. TFS is a member of Toyota Financial Services Corporation (TFSC), a wholly owned subsidiary of Toyota Motor Corporation in Japan with the Canadian operation headquarters in Markham, Ontario.

What Sets Us Apart?

At Toyota Financial Services (TFS), you will help create best in class customer experiences in an innovative, collaborative and team-focused environment. TFS is an important part of the Toyota family, an award-winning global company, recognized worldwide for our technological leadership and superior standards of quality, continuous improvement and environmental responsibility.

Position Summary:

This role will provide security guidance to business and service partners, identify and prioritize security- related requirements and facilitate delivery of information security services. The successful candidate will be responsible for protecting TFS information security assets by identifying, assessing, and mitigating security risks. This role supports security operations, vulnerability management, third party risk, and security governance activities while working closely with management to support and ensure compliance to prescribed risk mitigating policies and procedures.

Acting as an Information Security ambassador to the business, this role determines security requirements by evaluating business initiatives and requirements, ensuring alignment to Toyota’s Global Information Security Standards.  This role will be reporting to the Manager, Information Security.

What You’ll Be Doing:

Security Monitoring & Incident Response

  • Monitor and act on security alerts and advisories from the SOC team and other security tools
  • Perform triage, investigation, and escalation of security incidents
  • Support incident response activities
  • Stay informed on emerging threats, vulnerabilities, and attack techniques

Vulnerability & Access Risk Management

  • Review vulnerability reports, assess exploitability of vulnerabilities, and coordinate remediation efforts
  • Support access governance processes, including access reviews, least privilege, and segregation of duties
  • Investigate access anomalies and unauthorized access attempts
  • Perform risk assessments of information systems and infrastructure; then develop and communicate mitigation recommendations.

Third-Party Risk, Governance & Compliance

  • Conduct security risks assessments of vendors and service providers, including review of SOC2 reports and other security documentation
  • Track remediation of identified third-party risks
  • Support internal and external audits
  • Maintain and update security policies, standards, and procedures, and security training materials
  • Develop and maintain dashboards to track and report on key risks and compliance metrics
  • Prepare documentation and reporting materials for management
  • Support regular business continuity planning and disaster recovery initiatives
  • Identify and communicate current and emerging security threats to Senior Management

Business Partnership & Security Awareness

  • Collaborate with business units, application teams, and service partners to define and guide security controls that manage risk.
  • Support phishing simulations and annual security awareness campaigns.
  • Work with internal teams and affiliates on IT projects and act as a liaison with Toyota’s Global Information Security Group (GISG)

What You’ll Bring:

  • 5+ years’ experience as an information security analyst, preferably in the Banking or Financial services industry
  • Post-secondary education in Computer Science/Engineering or related field
  • Experience working with:
    • Vulnerability management tools (e.g., Qualys)
    • IAM tools (e.g., SailPoint, Okta)
    • Endpoint security tools (e.g., CrowdStrike)
    • Privilege Access Management tools (e.g. CyberArk)
  • Understanding of:
    • Network security concepts (firewalls, VPNs, segmentation, zero trust)
    • Cloud security fundamentals (Azure, AWS)
    • Authentication methods (MFA, SSO)
    • DLP
    • SDLC processes
    • API security
  • Preferred License or Certification in one of the following: Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), Information Systems Security Architecture Professional (ISSAP), AWS Certified Security Specialty and/or Certified Cloud Security Knowledge (CCSK)
  • Strong analytical and problem-solving skills
  • Excellent written and verbal communication
  • Ability to translate technical risks into business terms
  • Detail-oriented with strong documentation skills
  • Ability to manage multiple priorities in a fast-paced environment

What We’ll Bring:

  • A work environment built on teamwork, flexibility, and respect.
  • Competitive compensation package including health and dental benefits and bonus.
  • Health and dental benefits effective immediately.
  • Company pension plan with matched contribution.
  • Associate vehicle discount program.
  • Professional growth and development programs to help advance your career, as well as tuition reimbursement.
  • Fitness reimbursement.
  • Great company culture-Respect for people and continuous improvement is at our core.
  • Competitive time off benefits.
  • A hybrid work environment.

The anticipated annual base salary for this position is $82,000-$105,000. The offered salary will be based on the candidate’s experience, knowledge, skills and qualifications.

What You Should Know:

Our success begins and ends with our people. We embrace diverse perspectives and value unique human experiences. We are proud to be an equal opportunity employer that celebrates the diversity of the communities where we live and do business. Applicants for our positions are considered without regard to race, ethnicity, national origin, sex, sexual orientation, gender identity or expression, age, disability, religion, or any other characteristics protected by law.

Resume ExampleCover Letter Example

Explore more