Senior Software Engineer, Static Analysis Security Tooling - Woven Planet Tokyo Bookmark Share Print 163 0 0

Listing Description

ABOUT WOVEN PLANET GROUP
Woven Planet Group (Woven Planet) represents a carefully curated blend of expertise and resources dedicated to bringing the vision of “Mobility to Love, Safety to Live” to life. Through innovations and investments in automated driving, robotics, smart cities, and more, we are transforming how humankind lives, works, and moves. We exist to design, build, and deliver secure, connected, and sustainable mobility solutions that benefit all people worldwide. Founded in 2018 as Toyota Research Institute - Advanced Development (TRI-AD), Woven Planet is composed of four complementary companies: Woven Planet Holdings, Woven Core, Woven Alpha, and Woven Capital.

Visit us to learn more: https://www.woven-planet.global/

TEAM
The security team at Woven Planet is on the cutting edge of many challenging security problems. We identify emerging security threats in production applications and services, autonomous vehicles, and IoT devices via static security testing. We work closely with internal platform teams to deploy safe and secure services through tooling and automation, allowing developers to innovate quickly without compromising security. 

WHO ARE WE LOOKING FOR?
We are looking for engineers who are passionate about architecting well designed tools to improve Woven Planet’s cybersecurity program, scale up the security team’s capabilities, and help engineering teams secure their products.  Examples include the creation of web application scanners, fuzzers, and implementing re-usable security automation frameworks. This position will require a skill of building strong partnerships with other security and engineering teams, as well as a customer-focused mindset.  The right candidate will have a mix of software development and security engineering skills. We expect strong experience in one of the fields, and working knowledge and interest to learn in the other. We are looking for someone with:
・solid coding skills, broad knowledge of software development, and an understanding of application security fundamentals
・extended application security or red teaming experience with basic coding skills

RESPONSIBILITIES
・Build and maintain security tooling & infrastructure
・Lead the design and engineering of static analysis tooling (SAST, semantic code analysis, vulnerability management).
・Foster a culture of automation, and build sustainable tooling systems
・Identify application security risks, define requirements, and then build and extend systems to help reduce and track these risks.
・Guide and mentor other engineers in proper engineering practices through code review, mentoring, and sponsorship
・Be a role model for other engineering teams at the company in secure engineering practices.

MINIMUM QUALIFICATIONS
・3+ years combined experience in either or both:
   ・information security (e.g. threat modeling, secure code review, security testing)
   ・software development experience using common programming languages, such as Go, Rust, Python, Ruby, C/C++, or Java.
・Creative problem-solving skills and excellent troubleshooting and debugging skills.
・Expertise in writing clean, well-tested, and maintainable code.
・Ability to lead engineering projects that are very broad, ambiguous, and/or complex by using a mix of technical and organizational skills.
・Business-level verbal and written communication skills in English (e.g. TOEIC 800+ or equivalent experience). 

PREFERRED QUALIFICATIONS
  • Experience in the design and implementation of security solutions, systems, and mechanisms, including, but not limited to, data security, application security, cryptography, systems security, authentication, and network security.
  • Experience with cloud computing (e.g. AWS, Azure, GCP), IaC, Containers, CI/CD automation, deployment pipelines, build systems
  • Experience with security-critical code at scale.
  • In-depth understanding of security automation tools and processes.
    • If you are currently located outside of Japan we will set an interview over Google Hangout Meet or Skype.

    WHAT WE OFFER
    ・Competitive Salary - Based on skills and experience
    ・Work Hours - Flexible working time with NO core-hours
    ・Paid Holiday - 20 days per year (prorated)
    ・Sick Leave - 6 days per year (prorated)
    ・Holiday - Sat & Sun, Japanese National Holidays, and other days defined by the company
    ・Japanese Social Security - all applicable (Health Insurance, Pension, Workers’ Comp, and Unemployment Insurance, Long-term care insurance)
    ・In-house Training Program (software study/language study)

    By submitting your application you agree to the following terms:

    [OUR COMMITMENT]
    ・We are an equal opportunity employer and value diversity.
    ・We pledge that any information we receive from candidates will be used ONLY for the purpose of hiring assessment.

    Listing Details

    • Citizenship: Not Provided
    • Incentives: Not Provided

     

    • Education: Not Provided
    • Travel: Not Provided
    • Telework: Not Provided

    About Us

    NinjaJobs is a community-run job platform developed by information security professionals. Our unique approach of focusing strictly on cybersecurity positions allows us to personalize the user experience.

    Useful Links

    Our Contacts

    1765 Greensboro Station Pl.
    Suite 900
    Tysons Corner Va 22102

    (703) 594-7765

    requests@ninjajobs.org
    www.ninjajobs.org
    Chat with us!