Manager, IT Risk Governance & Assessment

Overview

Who we are

Collaborative. Respectful. A place to dream and do. These are just a few words that describe what life is like  one of the world's most admired brands, Toyota is growing and leading the future of mobility through innovative, high-quality solutions designed to enhance lives and delight those we serve. We're looking for talented team members who want to Dream. Do. Grow.

with us.

An important part of the Toyota family is Toyota Financial Services (TFS), the finance and insurance brand for Toyota and Lexus in North America. While TFS is a separate business entity, it is an essential part of this world-changing company- delivering on Toyota's vision to move people beyond what's possible. At TFS, you will help create best-in-class customer experience in an innovative, collaborative environment.

To save time applying, Toyota does not offer sponsorship of job applicants for employment-based visas or any other work authorization for this position.

Who we're looking for

Toyota Financial Services Data Governance Office is looking for a passionate and highly motivated Manager, IT Risk Governance & Assessment
. The primary responsibility of this role is to lead the foundational activities that establish and strengthen Toyota Financial Services' IT risk management framework, ensuring the organization can proactively identify, assess, and mitigate risk across the enterprise. In this role, you will shape the policies, standards, and control documentation that define how IT risk is managed, while continuously improving the framework through incident learnings and emerging threat insights.

Reporting to the Data Governance Office leadership, the person in this role will support the Data Governance Office's objective to build a resilient, risk-aware IT environment that enables strong governance, regulatory alignment, and sound executive decision-making
.

What you'll be doing

A typical day in this role may include partnering with business and technology leaders to strengthen IT risk controls, guiding your team through complex assessments, and translating regulatory requirements into practical governance actions. Success means helping the organization stay ahead of risks, building trust with senior executives, and creating frameworks that are both effective and sustainable.

• Develop, maintain, and enhance IT risk management policies, standards, and control frameworks that guide Toyota Financial Services' approach to managing technology risk
• Own and maintain the enterprise IT Control Library, ensuring controls are aligned to regulatory expectations and industry frameworks
• Lead enterprise-wide IT risk identification and assessment efforts to uncover emerging risks, vulnerabilities, and control gaps before they become issues
• Use incident investigation insights to strengthen controls and continuously improve the organization's risk posture
• Manage and develop direct reports and matrix resources by delegating effectively, coaching for growth, and removing barriers to success
• Build trusted partnerships with senior executives, including the CRO, CIO, CISO, CPO, and CTO, by communicating clearly and delivering credible, business-focused recommendations
• Collaborate closely with control execution teams to ensure policies and standards are implemented consistently and effectively
• Partner with governance, audit, and compliance teams to keep risk frameworks aligned with regulatory requirements and industry best practices
• Promote a strong risk-aware culture through guidance, training, and communication on core IT risk principles
• Monitor regulatory changes and emerging threats to keep the risk framework current, relevant, and effective
• Lead with a strategic mindset while supporting operational excellence in a highly regulated environment
• Foster teamwork, resilience, and professional development across your organization

What you bring

• Bachelor's Degree in Information Technology, Cybersecurity, Risk Management, or a related field that provides a strong foundation for this work
• 7 or more years of experience in IT risk management, cybersecurity, compliance, or a related discipline within a large, regulated financial services environment
• Proven experience developing and managing IT risk governance frameworks, policies, standards, and controls such as NIST, ISO 27001, or COBIT
• Strong analytical skills with hands-on experience in risk identification, assessment methodologies, and root cause analysis
• Ability to translate complex regulatory requirements into clear, practical policies and controls that teams can execute
• Excellent communication skills with the ability to explain complex concepts clearly to senior executives and diverse stakeholders
• Experience managing both direct reports and matrixed teams in a dynamic, high-pressure environment
• A track record of mentoring and developing talent, including helping junior team members grow into more strategic roles

Added bonus if you have

• An advanced degree that deepens your expertise in IT risk, cybersecurity, or…