JOB DESCRIPTION:
"Overview
In this role, you will play a pivotal role in shaping the overall cybersecurity posture for Toyota Motor North America (TMNA). Embedded within the Product Cybersecurity Group (PCG), the Product Security Testing Team (PSTT) performs advanced security testing engagements for pre-production vehicle ecosystem for the next generation automotive solutions worldwide.
Description:
In this role, you will focus on identifying, assessing, and mitigating security risks across various platforms including APIs, mobile applications (iOS and Android), wireless protocols, and Linux systems.
The candidate will also be responsible for penetration testing, proof-of-concept exploits, reverse engineering software to uncover vulnerabilities, and assess their potential impact. We are looking for candidates who are passionate about system security and have a broader and deeper understanding of the security landscape across software, wireless networks, and APIs. Due to the nature of this position, candidates must work on-site at Toyota HQ in Plano, TX. A hybrid model may be possible for strong candidates.
"•This position’s responsibility includes:
oConduct analysis of security requirements specifications against implementation
oPerform security assessments, and penetration testing including but not limited to mobile applications (iOS and Android), wireless security, APIs, and Linux OS
oCommunicate complex technical findings, and recommending the appropriate course of action, and supporting the mitigation and re-validation efforts
oDevelop skills through continuous learning and apply what you have learned relevant to emerging attack vectors, vulnerabilities, and exploits.
"[Required]
oBachelor’s degree (or higher) in Computer Engineering, Computer Science, Cybersecurity or related is strongly desired
oHand-on experience with Linux Operating Systems and shell scripting
oHands-on experience performing security assessment on OS or application-level of iOS/Android applications
oProficient in programming languages such as C/C++, Java, Swift, Kotlin, and Python
oKnowledge of network security principles and various wireless security protocols
oKnowledge of APIs security, and authentication protocols such as OAuth, SAML, etc.
oHands-on experience on testing tools such as Burp Suite, Frida, dissemblers, debuggers, dynamic instrumentations, and static code analysis
oStrong knowledge and understanding of X.509, SSL/TLS certificate, and general certificate management process
oDeep understanding of API security best practices
oStrong interest to acquire and develop additional skills such as Embedded systems security fundamentals
"
Any Graduate