Information Security Engineer, Senior

Overview Senior Cyber Security Engineer Who we are

Collaborative. Respectful. A place to dream and do. These are just a few words that describe what life is like  one of the world’s most admired brands, Toyota is growing and leading the future of mobility through innovative, high-quality solutions designed to enhance lives and delight those we serve. We’re looking for talented team members who want to Dream. Do. Grow.

with us.

An important part of the Toyota family is Toyota Financial Services (TFS), the finance and insurance brand for Toyota and Lexus in North America. While TFS is a separate business entity, it is an essential part of this world-changing company—delivering on Toyota's vision to move people beyond what's possible. At TFS, you will help create best‑in‑class customer experience in an innovative, collaborative environment.

Toyota Financial Services (TFS) Technology team is looking for a highly motivated person to fill a role as a Senior Cyber Security Engineer
. Your primary responsibility is to architect, deploy, optimize, and maintain the organization's Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) platforms. Operating under the Information Security mandate, you will lead engineering efforts to ensure comprehensive log ingestion, detection fidelity, platform health, and automation capabilities that empower the Security Operations Center (SOC) and broader cyber defense teams.

We're looking for someone who thrives in a high‑growth environment and brings deep technical expertise alongside strong engineering discipline, enabling you to build scalable, resilient security infrastructure that strengthens Toyota's detection and response posture.

• SIEM Engineering & Platform Health: Lead the design, configuration, and ongoing maintenance of complex SIEM environments, including onboarding and managing diverse data sources, ensuring proper log parsing, normalization, and enrichment. Proactively monitor platform health, troubleshoot ingestion failures, and optimize storage and performance to maintain operational excellence.
• SOAR Development & Automation: Design, build, and maintain SOAR playbooks and automated workflows that streamline alert triage, enrichment, and response actions. Continuously identify opportunities to reduce manual effort and accelerate mean time to detect (MTTD) and mean time to respond (MTTR) through intelligent automation.
• Agent Deployment & Endpoint Telemetry: Lead the deployment, configuration, and lifecycle management of security agents across on‑prem, cloud, and hybrid endpoint environments. Ensure consistent agent coverage, policy enforcement, and telemetry collection to maximize detection visibility across the enterprise.
• Detection Engineering & Data Source Management: Develop and tune detection rules, correlation logic, and alerting thresholds within the SIEM to improve signal‑to‑noise ratio and detection accuracy. Partner with threat intelligence and SOC teams to translate emerging threats into actionable detection content. Manage the full lifecycle of data source integrations, including scoping, onboarding, validation, and ongoing health monitoring.
• Scripting & Automation Development: Leverage scripting languages such as Python and Power Shell to build custom tooling, automate repetitive engineering tasks, develop API integrations, and enhance platform capabilities beyond out‑of‑the‑box functionality.
• Process Development & Standardization: Assist in the development and maintenance of standard operating procedures (SOPs), engineering runbooks, and documentation that streamline data source onboarding, platform maintenance, and incident support workflows. Continuously refine processes to improve efficiency and consistency.

• 3‑5 years of experience in cyber security engineering, with hands‑on expertise in SIEM administration and engineering, SOAR platform development, log management, data…