About Woven By Toyota
Woven by Toyota is enabling Toyota's once-in-a-century transformation into a mobility company. Inspired by a legacy of innovating for the benefit of others, our mission is to challenge the current state of mobility through human-centric innovation — expanding what "mobility" means and how it serves society.

Our work centers on four pillars: AD/ADAS, our autonomous driving and advanced driver assist technologies; Arene, our software development platform for software-defined vehicles; Woven City, a test course for mobility; and Cloud & AI, the digital infrastructure powering our collaborative foundation. Business-critical functions empower these teams to execute, and together, we're working toward one bold goal: a world with zero accidents and enhanced well-being for all.

=========================================================================

TEAM
We are a team of experts covering software, enterprise networks, endpoints, infrastructure, identities, and cloud platforms security. We support product and solution development from R&D through productization phases including a wide variety of technology stacks and business units.

WHO ARE WE LOOKING FOR?
You have hands-on experience developing and deploying automation to accelerate security processes and workflows, including a mix of: developing scripts, APIs, integrations, AI Agents and MCP Servers, and/or data ETL processes. You have hands-on experience in one or more of the following security domains: secure software development, cloud security, identity management, or network security. The automations you develop will accelerate our team's ability to secure products and enterprise solutions, including performing secure design review, vulnerability analysis, systems testing. You will also help improve our enterprise security program by contributing to technical standards and processes.

Responsibilities
・Develop automation related to the integration, use, and enhancement of various security systems and data sets including: code security, cloud security, infrastructure security, identity security, and AI security

・Develop ways to automate the assessment and validation of security controls

・Integrate data sets between technical security systems and business systems to accelerate security-supported workflows such as risk, compliance, and other reporting paths

・Perform automation-assisted hands-on security review supporting Product and Engineering teams to establish and validate security requirements in new and existing products or systems

・Perform threat modeling and application security assessments for projects across the organization

・Perform automated and manual security testing for software, cloud, and network systems developed and used by Woven by Toyota

・Provide consultant-level communication that is effective at multiple levels of sensitivity and multiple audiences

・Report to the senior manager for Enterprise Security Services and come to the office 3x per week as per our hybrid work policy

Minimum Qualifications

• Bachelor's Degree or higher in Computer Science or related field, or equivalent work experience
• Hands-on experience developing security automation supporting one or more of the following domains: software development, cloud configuration, network architecture, and identity and access management
• Experience identifying and addressing security issues through design and code review, static/dynamic analysis, and other commonly used security tools and methodologies
• Knowledge of secure coding principles and common application security vulnerabilities, such as OWASP Top 10 and CWE 25 vulnerabilities
• Experience presenting and communicating security threats to non-security specialists (i.e. development teams, management, or other stakeholders)

NICE TO HAVES

• Experience in software development or DevEx work
• Experience in infrastructure security, container security, and/or CI/CD security
• Knowledge of security features and mechanisms provided by AWS or GCP. AWS Certified Security or GCP Professional Cloud Security Engineer is a plus
• Knowledge of authentication protocols and frameworks to include OAuth, OpenID, SSO/SAML, and AWS IAM
• Business-level Japanese

=========================================================================

Important Points
・All interviews will be arranged via Google Meet, unless otherwise stated.

・The same job descriptions are available in both English and Japanese; therefore, we kindly ask that you apply to only one version.

・We kindly request that you submit your resume in English, if possible. However, Japanese resumes are also acceptable. Please note that, depending on the English proficiency requirements of the role, we may request an English version of your resume later in the process.

What We Offer
・Competitive Salary - Based on experience

・Work Hours - Flexible working time

・Paid Holiday - 20 days per year (prorated)

・Sick Leave - 6 days per year (prorated)

・Holiday - Sat & Sun, Japanese National Holidays, and other days defined by our company

・Japanese Social Insurance - Health Insurance, Pension, Workers' Comp, and Unemployment Insurance, Long-term care insurance

・Housing Allowance

・Retirement Benefits

・Rental Cars Support

・In-house Training Program (software study/language study)

Our Commitment
・We are an equal opportunity employer and value diversity.

・Any information we receive from you will be used only in the hiring and onboarding process. Please see our privacy notice for more details.