Application Security Analyst

Toyota Motor Sales, U.S.A., Inc.
Plano, United States of America
2 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate

Job location

Plano, United States of America

Tech stack

Java
JavaScript
PHP
API
Amazon Web Services (AWS)
Software Applications
Azure
Code Review
Continuous Integration
Mobile Application Software
Python
Team Foundation Server
Open Web Application Security
Ansible
Software Engineering
Web Applications
Web Services
Scripting (Bash/Python/Go/Ruby)
Google Cloud Platform
Delivery Pipeline
Software Security
Containerization
Kubernetes
Terraform
Docker
Jenkins
Static Application Security Testing
Programming Languages
Dynamic Application Security Testing

Job description

Toyota Financial Services (TFS) Technology team is looking for a highly motivated person to fill a role as a Application Security Analyst. Your responsibilities will be to ensure the security of company software applications, web services, and APIs. You will work closely with development teams to identify vulnerabilities, suggest remediation efforts, and integrate security controls into the DevOps pipeline. The role involves ensuring the security and integrity of our products and third-party software, providing guidance on security risks.

What you'll be doing

  • Collaborate with developers to "shift left"-integrating security early in the software development life cycle (SDLC)

  • Integrate security tools like SAST, DAST, and SCA into development processes.

  • Review code for security vulnerabilities and provide guidance to developers on remediation and secure coding practices.

  • Prepare detailed vulnerability reports and dashboards for leadership, prioritizing risks based on business impact.

Requirements

  • Typically, 3-6 years of experience in application security, with significant hands-on experience using SAST/SCA/DAST tools and methodologies.

  • Proven expertise in testing complex web applications, APIs, and mobile applications for security vulnerabilities.

  • Strong understanding of application security standards (e.g., OWASP Top Ten, SANS CWE Top 25).

  • Familiarity with programming languages and frameworks commonly used in web and mobile applications, including Java, Python, Bash/Shell Scripting, PHP, Javascript, etc.

  • Strong understanding of CI/CD tools (e.g., Jenkins, Harness, GHA).

  • Familiarity with containerization and orchestration (Docker, Kubernetes).

  • Knowledge of cloud platforms (AWS, Azure, GCP) and their security features.

  • Knowledge of Infrastructure as Code (Terraform, Ansible).

Added bonus if you have

  • Strong analytical and problem-solving skills.

  • Excellent communication and collaboration abilities.

  • Ability to work in a fast-paced, agile environment.

  • Ability to lead security testing initiatives and mentor junior security engineers.

Benefits & conditions

  • Professional growth and development programs to help advance your career, including tuition reimbursement.

  • Team Member Vehicle Purchase Discount.

  • Toyota Team Member Lease Vehicle Program (if applicable).

  • Comprehensive health care and wellness plans for your entire family.

  • Toyota 401(k) Savings Plan with a company match, plus an annual retirement contribution from Toyota regardless of your own contributions.

  • Paid holidays and paid time off.

About the company

Collaborative. Respectful. A place to dream and do. These are just a few words that describe what life is like at Toyota. As one of the world's most admired brands, Toyota is growing and leading the future of mobility through innovative, high-quality solutions designed to enhance lives and delight those we serve. We're looking for talented team members who want to Dream. Do. Grow. with us. An important part of the Toyota family is Toyota Financial Services (TFS), the finance and insurance brand for Toyota and Lexus in North America. While TFS is a separate business entity, it is an essential part of this world-changing company- delivering on Toyota's vision to move people beyond what's possible. At TFS, you will help create best-in-class customer experience in an innovative, collaborative environment. Toyota does not offer support or sponsorship of job applicants for employment-based visas or any other work authorization for this role now or in the future. You must have the right to work in the United States and not require Toyota support or sponsorship for immigration-related employment (e.g., H-1B, O-1, E-3, H-1B1, TN, F-1 OPT, F-1 STEM OPT, F-1 CPT, TN, (job flexibility benefits) (also known as I-140 or Adjustment of Status portability), etc.) now or in the future. You should not apply for this role if you will require Toyota to assist with immigration support or sponsorship now or in the future.

Apply for this position