Senior Security Operations Engineer

Woven-Planet-2 in London

Woven by Toyota is building mobility for a safer, happier and more sustainable world. A subsidiary of Toyota, Woven by Toyota develops and invests in new technologies, software, and business models that transform how we live, work and move. With a focus on software-defined vehicles, automated driving, data-driven intelligence, security, mobility services, embedded platforms, AI, and more, we build on Toyota's legacy of trust and safety to deliver mobility solutions for all.

For nearly a century, Toyota has been delivering products and services that improve lives. Its earliest offerings, which automated the simple manual task of weaving, have evolved into the safe, reliable, connected automobiles we enjoy and depend on today. Woven by Toyota is an integral part of Toyota’s vision for the next 100 years—a world where mobility is easier, safer and more enjoyable for more people.

Our unique global culture weaves modern Silicon Valley innovation and time-tested Japanese quality craftsmanship and operational excellence. These complementary strengths enable us to develop and deliver cutting-edge technology at scale—optimizing for safety, advancing clean energy and elevating well-being.  We envision a human-centered future where world-class technology solutions expand global access to mobility, amplify the capabilities of drivers, and empower humanity to thrive.

TEAM
The security team at Woven by Toyota is on the cutting edge of many challenging security problems. We identify emerging security threats in autonomous vehicles and help design more secure systems. We work closely with internal platform teams to provide a secure development environment through tooling and automation, allowing developers to innovate quickly without compromising security.
This role will be a hybrid job in London.

WHO ARE WE LOOKING FOR?
We are seeking an experienced Security Operations engineer to support our Blue Team. The right candidate will have an in-depth understanding of the overall security landscape, be experienced in tuning detection systems to spot attacker Tactics, Techniques, and Procedures (TTPs), and have a proven background in designing and deploying Security Information Event Management (SIEM) systems.
They will continuously improve our detection systems' visibility by integrating new log sources, building out new use cases based on intel generated by our intelligence team. In order to stay current with the unique challenges of day-to-day alerting the SOC engineer will also be analyzing events and responding to alerts, collaborating with IT, security, and business stakeholders to kick attackers out of our systems as quickly as possible.
We are looking for an individual who can balance technical risks against business risks and consistently drive for the right results. They must have a passion for engineering solutions to complex security challenges and recognize and fill gaps in capabilities. The ability to quickly design and build internal-facing tools that enable scaled programmatic automation is core to our organization.
The successful candidate will have a good mix of technical knowledge, a demonstrated background in information security, and an analytical mindset that is driven by curiosity. We value broad technical knowledge, specifically in the fields of operating system security, network security, software security, malware analysis, forensics, security operations, incident response, and emergent security intelligence.


By submitting your application you agree to the following terms: click here .

Our Commitment
・We are an equal opportunity employer and value diversity.
・We pledge that any information we receive from candidates will be used ONLY for the purpose of hiring assessment.
    • You will continuously improve our monitoring systems' detection and response capabilities as well as processes, procedures, and playbooks
    • You will respond to alerts
    • You will plan and execute monitoring system changes
    • You will automate analysis and response steps to reduce manual toil
    • You will help prioritize the creation of new SOC use cases to ensure optimum ROI for engineering effort
    • You will communicate effectively at multiple levels of sensitivity, and multiple audiences
    • You will recognize, adopt and instill the best practices in security engineering fields throughout the organization: development, cryptography, network security, security operations, incident response, security intelligence
    • 4+ years of demonstrated experience in security operations as a security engineer with a background in analysis
    • 2+ years of scripting/coding experience with one or more languages and system administration
    • Practical experience in network- and host-based digital forensics across multiple operating systems
    • In-depth experience working with a variety of monitoring tools, including SIEM, endpoint security, intrusion detection/prevention, packet analysis, CASB, and SOAR
    • Demonstrated knowledge in information security fundamentals (threat modeling, penetration testing, incident response, network security, physical security, etc.)
    • Ability to troubleshoot technical issues combined with a drive to take ownership of problems and solve them
    • Excellent written communication skills, with a focus on translating technically complex issues into simple, easy-to-understand concepts in English
    • 2 days per week in office required
    • On-call on the weekend, once a quarter.
    • Experience leading the deployment of a major SIEM platform (Splunk, QRadar, Sentinel, ArcSight, etc) and/or EDR platform (Crowdstrike, Defender for Endpoint, Cylance, etc)
    • 4+ years of experience in security engineering in addition to 2+ years of experience in security analysis
    • 2+ years of scripting/coding experience with one or more languages
    • Ideally, experience securing cloud platforms incl. AWS, GCP, Azure
    • Relevant industry certifications, a degree in cyber security or adjacent fields, or cyber security boot camps
Apply