Software Engineer, IoT at woven-by-toyota

About Woven by Toyota Woven by Toyota is enabling Toyota’s once-in-a-century transformation into a mobility company. Inspired by a legacy of innovating for the benefit of others, our mission is to challenge the current state of mobility through human-centric innovation — expanding what “mobility” means and how it serves society. Our work centers on four pillars: AD/ADAS, our autonomous driving and advanced driver assist technologies; Arene, our software development platform for software-defined vehicles; Woven City, a test course for mobility; and Cloud & AI, the digital infrastructure powering our collaborative foundation. Business-critical functions empower these teams to execute, and together, we’re working toward one bold goal: a world with zero accidents and enhanced well-being for all. ========================================================================= TEAM Toyota is redefining what it means to move. We're challenging the current state of mobility by enhancing the movement of people, goods, information and energy. Centered around three core concepts - A Living Laboratory™, Human-Centered, and Ever Evolving City™ - Woven City serves as a test course for mobility to fulfill our purpose of well-being for all. We do this by bringing together a diverse community of people with a shared passion for the future of mobility to co-create, develop and refine innovative products and services. This cross-section of social infrastructure, mobility, and people provides a unique opportunity for inventors, residents and visitors to interact seamlessly with new technologies throughout daily life in an environment that emulates a real city. The Woven City Cybersecurity Secure Foundations team supports the security of PKI and IoT hardware & software systems to ensure the safety of our residents and inventors in Woven City. We are a diverse team of engineers who are passionate about the security of our users. You will report to the head of the Secure Foundations team. For more information about Woven City, please visit: [Upgrade to PRO to see link] WHO ARE WE LOOKING FOR? We are looking for an experienced Software Engineer to join the Woven IT team who can bridge the gap between hardware, firmware, and security. You will be instrumental in defining and implementing secure boot strategies, ensuring our IoT devices are secure by design. This role requires a hands-on engineer who can write integration code for secure bootloaders, maintain infrastructure code for deployment pipelines, and collaborate effectively with cross-functional teams to identify and resolve security vulnerabilities. You will play a key role in protecting our ecosystem by staying up-to-date with the latest advancements in security technologies and mitigation techniques. RESPONSIBILITIES • Owns the strategy and technical direction for on-device security in collaboration with hardware engineers, firmware developers, and security experts • Designs the architecture, writes and maintain the integration code for leveraging secure bootloaders and firmware in our products • Lead cross-team initiatives to clarify our strategy for securing IoT products and services • Participate in debugging and troubleshooting efforts to identify and resolve security-related issues • Conduct design reviews and code reviews to ensure robust, secure-by-design implementations that comply with internal policies and standards MINIMUM QUALIFICATIONS • 7+ years of work experience in developing embedded systems or IoT/OT, including ownership of security-critical or platform components in shipping products • Proven experience implementing secure boot strategies and working with bootloaders such as Intel, ARM, UEFI, and OTP (or equivalent) across multiple hardware platforms • Working expertise in systems programming languages such as C, C++, or Rust, and scripting languages like Bash or Python, with a track record of delivering robust, production-quality software • Experience with Over-the-Air (OTA) update mechanisms and device management for connected device fleets • Experience writing and maintaining infrastructure code for CI/CD pipelines (e.g., Jenkins, GitHub Actions), including appropriate quality and security gates • Business-level verbal and written communication skills in English, with the ability to influence cross-functional stakeholders and drive alignment on technical decisions NICE TO HAVES • In-depth understanding of cryptographic principles (public key cryptography, X.509 certificates, key rotation) and hardware isolation mechanisms (e.g., ARM TrustZone) • Familiarity with Real-Time Operating Systems (RTOS) such as FreeRTOS or Zephyr • Familiarity with hardware stacks such as NVidia Jetson and Jetpack • Knowledge of communication protocols such as MQTT, CoAP, or OPC-UA • Business level proficiency in Japanese ========================================================================= Important Points ・All interviews will be arranged via Google Meet, unless otherwise stated. ・The same job descriptions are available in both English and Japanese; therefore, we kindly ask that you apply to only one version. ・We kindly request that you submit your resume in English, if possible. However, Japanese resumes are also acceptable. Please note that, depending on the English proficiency requirements of the role, we may request an English version of your resume later in the process. WHAT WE OFFER ・Competitive Salary - Based on experience ・Work Hours - Flexible working time ・Paid Holiday - 20 days per year (prorated) ・Sick Leave - 6 days per year (prorated) ・Holiday - Sat & Sun, Japanese National Holidays, and other days defined by our company ・Japanese Social Insurance - Health Insurance, Pension, Workers’ Comp, and Unemployment Insurance, Long-term care insurance ・Housing Allowance ・Retirement Benefits ・Rental Cars Support ・In-house Training Program (software study/language study) Our Commitment ・We are an equal opportunity employer and value diversity. ・Any information we receive from you will be used only in the hiring and onboarding process. Please see our privacy notice for more details.