Manager, Information Security Risk Management - Woven by Toyota Tokyo Bookmark Share Print 107 0 0

Listing Description

Woven by Toyota is the mobility technology subsidiary of Toyota Motor Corporation. Our mission is to deliver safe, intelligent, human-centered mobility for all. Through our Arene mobility software platform, safety-first automated driving technology and Toyota Woven City — our test course for advanced mobility — we’re bringing greater freedom, safety and happiness to people and society. 

Our unique global culture weaves modern Silicon Valley innovation and time-tested Japanese quality craftsmanship. We leverage these complementary strengths to amplify the capabilities of drivers, foster happiness, and elevate well-being.

TEAM
The security team at Woven by Toyota is on the cutting edge of many challenging security problems. We identify emerging security threats in autonomous vehicles and help design more secure systems. We work closely with internal platform teams to provide a secure development environment through tooling and automation, allowing developers to innovate quickly without compromising security.

WHO ARE WE LOOKING FOR
We are looking for a manager to lead the information security risk management function who will help us plan and perform compliance and risk assessment activities pertaining to Woven by Toyota's businesses and engineering work.

You will identify risks and vulnerabilities by working with stakeholders of diverse backgrounds. You will work on assessing any security risks pertaining to external vendors and partners and manage those risks through their lifecycle. You will be expected to work with both technical teams and senior management.

Woven by Toyota Security demands high standards, so a passion and discipline around security and delivery is critical. A high level of ownership and accountability is a must. In this role you will report to an engineering manager, in a hybrid capacity requiring your presence onsite three days per week.


RESPONSIBILITIES:
  • Plan/perform compliance and risk assessment activities for information systems and related processes.
  • Ensure compliance for information security policies and regulatory requirements by conducting procedural and operational review of business processes and system controls
  • Communicate and escalate compliance and risk issues to the appropriate department and/or level of management.
  • Evaluate technology and business-related controls for integrating business and information system security and risk mitigation efforts. Coordinate and validate business risk justification documents for government programs
  • Coordinate third-party or vendor security risk assessments

    • MINIMUM QUALIFICATIONS:
  • 6+ years experience in Information Security
  • 3+ years of experience within Information Risk Management, IT audit or Security Governance function
  • 3+ years of experience with regulatory compliance and information security management frameworks (e.g., ISO27001/ISO27002, NIST CSF, CMMC)
  • 3+ years management experience
  • Experience with multiple risk assessment methods including threat modeling, not only compliance adherence assessments.
  • Excellent written and verbal communication skills
  • Experience in IT auditing and technical assessments of networks, operating systems, cloud environments
  • Hands-on experience in configure and working with GRC tools
  • Technical expertise in the security field
  • Japanese language proficiency

    • NICE TO HAVES:
  • Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and/or Certified Information Systems Auditor (CISA)
  • 5+ years management experience
  • Experience with privacy regulations
  • Experience building enterprise governance, risk, and compliance programs
  • Experience with security architecture
    • If you are located outside of Japan we will set up an interview over Google Hangout Meet.

    WHAT WE OFFER
    ・Competitive Salary - Based on experience
    ・Work Hours - Flexible working time with NO core-hours
    ・Paid Holiday - 20 days per year (prorated)
    ・Sick Leave - 6 days per year (prorated)
    ・Holiday - Sat & Sun, Japanese National Holidays, and other days defined by our company
    ・Japanese Social Security - all applicable (Health Insurance, Pension, Workers’ Comp, and Unemployment Insurance, Long-term care insurance)
    ・In-house Training Program (software study/language study)

    By submitting your application you agree to the following terms: https://woven.toyota/en/applicant-privacy-notice

    Our Commitment
    ・We are an equal opportunity employer and value diversity.
    We pledge that any information we receive from you will be used ONLY for the purpose of hiring assessment.

    Listing Details

    • Citizenship: Not Provided
    • Incentives: Not Provided

     

    • Education: Not Provided
    • Travel: Not Provided
    • Telework: Not Provided

    About Us

    NinjaJobs is a community-run job platform developed by information security professionals. Our unique approach of focusing strictly on cybersecurity positions allows us to personalize the user experience.

    Useful Links

    Our Contacts

    1765 Greensboro Station Pl.
    Suite 900
    Tysons Corner Va 22102

    (703) 594-7765

    requests@ninjajobs.org
    www.ninjajobs.org
    Chat with us!