Cyber Product Security Engineer, Lead - Toyota North America

Key Responsibilities

• Lead threat modeling and risk assessment for new and existing products, ensuring security requirements are embedded from concept to release.
• Develop and enforce secure coding standards, conduct code reviews, and integrate automated security testing into CI/CD pipelines.
• Coordinate vulnerability management, including penetration testing, static/dynamic analysis, and remediation tracking.
• Design and maintain security architecture diagrams, threat models, and security documentation for cross‑functional teams.
• Lead incident response activities, perform root cause analysis, and implement preventive controls.
• Mentor and coach engineering teams on security best practices and emerging threats.

Requirements

• 5+ years of experience in product security engineering or related field.
• Deep knowledge of threat modeling frameworks (e.g., STRIDE, PASTA) and secure software development lifecycle.
• Proficiency with security tools such as OWASP ZAP, Burp Suite, SAST/DAST platforms, and vulnerability scanners.
• Strong understanding of cloud security, especially AWS, and container security practices.
• Excellent communication skills and ability to influence cross‑functional teams.