Senior Third-Party Cyber Security Risk Analyst
Listed on 2026-07-17
-
IT/Tech
Cybersecurity, Information Security, Data Security
Overview
Collaborative. Respectful. A place to dream and do. These are just a few words that describe what life is like one of the world’s most admired brands, Toyota is growing and leading the future of mobility through innovative, high-quality solutions designed to enhance lives and delight those we serve. We’re looking for talented team members who want to Dream. Do. Grow.
with us.
An important part of the Toyota family is Toyota Financial Services (TFS), the finance and insurance brand for Toyota and Lexus in North America. While TFS is a separate business entity, it is an essential part of this world-changing company- delivering on Toyota's vision to move people beyond what's possible. At TFS, you will help create best-in‑class customer experience in an innovative, collaborative environment.
You must have the right to work in the United States and not require Toyota support or sponsorship for immigration-related employment. You should not apply for this role if you will require Toyota to assist with immigration support or sponsorship now or in the future.
Who we’re looking forToyota’s Cyber Risk Department is looking for a passionate and highly motivated Senior Third Party Cybersecurity Risk Analyst.
The primary responsibility of this role is to conduct cybersecurity risk assessments for third parties across Toyota’s third-party portfolio. This role evaluates each third-party relationship to assess the associated risk profile and the effectiveness of the risk management capabilities in place, ensuring alignment with Toyota’s risk appetite. This position includes reviewing assurance artifacts such as SOC reports, ISO 27001 certifications, and PCI DSS certifications to evaluate the effectiveness of third-party cybersecurity controls.
The role also consolidates and communicates risk findings and metrics to operational management and executive leadership while partnering with internal stakeholders to support informed risk decisions and continuous improvement of third-party cybersecurity risk processes. This role requires strong analytical, critical thinking, and communication skills, along with a deep understanding of risk management practices and cybersecurity processes, risks, and controls, to effectively assess third-party risk and communicate findings to key stakeholders.
- Conduct Cybersecurity Risk Assessments: Conduct third-party cybersecurity risk assessments to verify alignment with Toyota’s information security and risk management standards.
- Inspect Assurance Reports: Review and analyze independent assurance artifacts, including SOC 1, SOC 2, ISO 27001 certifications, PCI DSS certifications, and related evidence, to validate control design and operating effectiveness.
- Evaluate and Communicate Risk: Consolidate, interpret, and communicate cybersecurity risk metrics, trends, and findings to operational stakeholders and executive leadership.
- Collaborate with Risk Partners: Partner with internal business, security, and risk teams to support informed third-party risk decisions and remediation efforts.
- Support Continuous Improvement: Support continuous improvement of third-party risk processes, methodologies, and reporting practices.
- A bachelor's degree in computer science, information technology, or a related field.
- Experience in Information Security, Risk Management, Information Technology, or related disciplines.
- Experience in the planning, designing, implementation, and execution of third-party risk management programs.
- Excellent presentation skills, including verbal and written communication to differing levels of management throughout the organization.
- Excellent “soft” skills including relationship building and the ability to influence others through consensus building.
- Certified Information Systems & Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Information Security Auditor (CISA) certifications.
During your interview process, our team can fill you in on all the details of our industry-leading benefits and career development opportunities.
- A work environment built on teamwork,…
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).