Senior Manager / Director, Information Security at woven-by-toyota

About Woven by Toyota Woven by Toyota is enabling Toyota’s once-in-a-century transformation into a mobility company. Inspired by a legacy of innovating for the benefit of others, our mission is to challenge the current state of mobility through human-centric innovation — expanding what “mobility” means and how it serves society. Our work centers on four pillars: AD/ADAS, our autonomous driving and advanced driver assist technologies; Arene, our software development platform for software-defined vehicles; Woven City, a test course for mobility; and Cloud & AI, the digital infrastructure powering our collaborative foundation. Business-critical functions empower these teams to execute, and together, we’re working toward one bold goal: a world with zero accidents and enhanced well-being for all. ========================================================================= TEAM Woven by Toyota aims to realize a new social infrastructure that integrates Software-Defined Vehicles, mobility services, and smart cities. To achieve this vision, it is essential to comprehensively ensure Safety, Security, and Quality across all products and services. As a member of Woven by Toyota’s Global Safety & Quality (S&Q) Team, this position plays a critical role in ensuring that our products and services meet global safety and reliability standards, with a focus on cybersecurity and information security. The Global Safety & Quality team is responsible for ensuring that the products and services provided by all Lines of Business (LoB) within Woven by Toyota comply with safety, security, and quality requirements based on national regulations, international standards, and the Toyota Group’s internal policies. In this position, you will act as the Second Line of Defense from an independent standpoint, providing governance regarding cybersecurity and information security, and ensuring that industry best practices, regulations, and international standards are appropriately incorporated into the development and operational processes of Woven by Toyota’s products and services. The successful candidate will work closely with engineering, product, and platform teams across each Line of Business (LoB) to support the delivery of safe, high-quality, and secure products and services. This position provides information security and cybersecurity governance across Woven by Toyota’s diverse business domains. The scope includes the following: Vehicle Cybersecurity ・Vehicle Cybersecurity (In-Vehicle / Out-Vehicle CSMS) ・Connected Vehicles and Mobility Services Digital Platforms ・Software Development Platforms ・Development Tools and Digital Services Smart City Infrastructure ・Smart City (Woven City) Infrastructure ・IoT and Urban Infrastructure Enterprise Security ・Enterprise IT ・Cloud Infrastructure ・Corporate Information Security In these areas, you will drive security risk management, ensure regulatory compliance, and strengthen security governance. RESPONSIBILITIES This position supports security and quality assurance for Woven by Toyota through the following activities: ・Establishing cybersecurity and information security governance ・Security risk assessment and management ・Implementation of security standards and best practices ・Providing security advisory services to Line of Business (LoB) teams ・Addressing security regulations and compliance requirements ・Promoting Security by Design ・Fostering a security-conscious culture This role will have the following significant impact on the Woven by Toyota business: ・Integrated assurance of safety, security, and quality in products and services ・Establishing integrated security governance across vehicles, urban infrastructure, and enterprise IT ・Compliance with global regulations and international standards ・Reducing cyber risk and enhancing organizational resilience Additionally, this role ensures that our digital services and enterprise environments maintain a high international standard of defense capabilities against external cyberattacks. Woven by Toyota is advancing the construction of a new mobility ecosystem that transcends the boundaries of the traditional automotive industry, encompassing Software-Defined Vehicles, connected mobility, and smart cities. Therefore, this position is a strategic role responsible for realizing security governance that transcends the boundaries of Vehicle, Infrastructure, and Enterprise. In the rapidly evolving environment of mobility and digital services, you will play a central role in comprehensively ensuring Safety × Security × Quality. MINIMUM QUALIFICATIONS For this position, candidates must hold a bachelor’s or master’s degree in electrical, electronic, or information engineering, along with a thorough understanding of the following standards and frameworks, and at least 10 years of relevant professional experience. Automotive Cybersecurity ・ISO/SAE 21434 ・UNECE UN-R155 (Cybersecurity Management System) ・UNECE UN-R156 (Software Update Management) Information Security ・ISO/IEC 27001 / 27002 ・ISO/IEC 27005 Infrastructure / IoT Security ・IEC 62443 ・ISO/IEC 27400 Risk Management ・ISO 31000 Work Experience ・Experienced working at an OEM and familiar with the automotive industry NICE TO HAVES As a Senior Manager of Information Security at a mobility company, we welcome candidates with experience and knowledge of the following standards and frameworks to comprehensively ensure safety, quality, and security: ・ISO 26262 (Functional Safety) ・ISO 21448 (SOTIF) ・Automotive SPICE ・ISO/IEC 27701 (Privacy) ・ISO 9001 (Quality Management System) ・ISO/IEC 23894 (AI Risk Management) ・Business-level proficiency in Japanese (equivalent to JLPT N1) and business-level proficiency in English ========================================================================= Important Points ・All interviews will be arranged via Google Meet, unless otherwise stated. ・The same job descriptions are available in both English and Japanese; therefore, we kindly ask that you apply to only one version. ・We kindly request that you submit your resume in English, if possible. However, Japanese resumes are also acceptable. Please note that, depending on the English proficiency requirements of the role, we may request an English version of your resume later in the process. WHAT WE OFFER ・Competitive Salary - Based on experience ・Work Hours - Flexible working time ・Paid Holiday - 20 days per year (prorated) ・Sick Leave - 6 days per year (prorated) ・Holiday - Sat & Sun, Japanese National Holidays, and other days defined by our company ・Japanese Social Insurance - Health Insurance, Pension, Workers’ Comp, and Unemployment Insurance, Long-term care insurance ・Housing Allowance ・Retirement Benefits ・Rental Cars Support ・In-house Training Program (software study/language study) Our Commitment ・We are an equal opportunity employer and value diversity. ・Any information we receive from you will be used only in the hiring and onboarding process. Please see our privacy notice for more details.