Security Operations Engineer

Woven by Toyota is the mobility technology subsidiary of Toyota Motor Corporation. Our mission is to deliver safe, intelligent, human-centered mobility for all. Through our Arene mobility software platform, safety-first automated driving technology and Toyota Woven City — our test course for advanced mobility — we’re bringing greater freedom, safety and happiness to people and society. 
Our unique global culture weaves modern Silicon Valley innovation and time-tested Japanese quality craftsmanship. We leverage these complementary strengths to amplify the capabilities of drivers, foster happiness, and elevate well-being.
WHO ARE WE LOOKING FORWe are looking for an experienced Security Operations Engineer who has primary skills in log analysis and threat hunting. You will have an affinity for problem-solving; root-cause analysis; and, detection engineering.
(60% Operations) In a rotating primary on-call schedule, you will take ownership of alert handling from intake through incident response and will engage appropriate partners across the business for rapid response and remediation. Between alerts, you will improve the signal-to-noise of our analytics by tuning existing rules; develop high-fidelity detections; and, identifying and closing visibility gaps in our log ingestion and processing.
(40% Engineering) Contribute to the Global SOC engineering goals by adding to and improving log ingestion pipelines, developing and tuning automated workflows, and improving detection and response capabilities. It will be a Hybrid role based in Palo Alto.

RESPONSIBILITIES

• Assess inbound alerts and handle through close or escalation
• Take ownership of escalated alerts to ensure appropriate response and remediation is achieved
• Refine and tune existing SIEM and EDR detections
• Develop new high-fidelity detections for multiple platforms based on industry research and threat intelligence
• Contribute to purple-teaming exercises to improve the overall practice of the global team
• Design, plan, and implement new tooling and infrastructure to improve SOC detection and response capabilities
• 3 days per week in office
• Rotating primary on-call coverage during local business hours
• Rotating weekend on-call coverage (once a quarter)

MINIMUM QUALIFICATION

• 4+ years experience in Security Operations, Security Engineering, IR, IT Security, or Cloud Administration
• Proven experience tracking down root-cause to complex problems and identifying technical solutions
• Strong knowledge of endpoint hardening on one or more of Windows, MacOS, or Linux
• Strong knowledge of networking and security
• Effective time management and prioritization
• Professional and explain with excellent written and verbal communication skills
• Strong collaboration and continuous-improvement mindset

NICE TO HAVES

• Experience in Python, Powershell, bash
• Experience with an Infrastructure as a Code tool like Terraform
• Familiarity with cloud platforms like AWS
• Broad experience using and/or securing multiple OSes (Windows, Mac & Linux)

$112,000- $184,000 a yearYour base salary is one part of your total compensation. We offer a base salary, short term and long term incentives, and a comprehensive benefits package. The California pay scale for this full time position is $112,000- $184,000. The total compensation offered to an employee will be dependent upon the individual's skills, experience, qualifications, location, and level.
WHAT WE OFFERWe are committed to creating a modern work environment that supports our employees and their loved ones. We offer many options of the best programs to allow you to do your most meaningful work and to help you shape the future of mobility.・Excellent health, wellness, dental and vision coverage・A rewarding 401k program・Flexible vacation policy・Family planning and care benefits
Our Commitment・We are an equal opportunity employer and value diversity.・Any information we receive from you will be used only in the hiring and onboarding process. Please see our privacy notice for more details.