Compliance Specialist - Auditor (ISO 21434)

Tokyo
Product & Technology – CTO Shared Services - Safety and Quality /
Employee /
Hybrid
Woven by Toyota is the mobility technology subsidiary of Toyota Motor Corporation. Our mission is to deliver safe, intelligent, human-centered mobility for all. Through our Arene mobility software platform, safety-first automated driving technology and Toyota Woven City — our test course for advanced mobility — we’re bringing greater freedom, safety and happiness to people and society. 

Our unique global culture weaves modern Silicon Valley innovation and time-tested Japanese quality craftsmanship. We leverage these complementary strengths to amplify the capabilities of drivers, foster happiness, and elevate well-being.

TEAM
Arene Compliance is part of the Arene Organization. Arene Compliance's mission is to empower the Arene Organization to achieve product assurance through independent compliance assessment, objective risk reporting, and continuous education/support to foster a compliance culture.

Arene Compliance works with teams from different disciplines such as System Engineering, Software Engineering, Quality Assurance, Functional Safety and Cybersecurity. Engineering teams deliver the final work products; Arene Compliance verifies and ensures the deliverables and processes comply with both internal and external compliance requirements (such as regulatory framework, industry standards and customer requirements).

You will report to the Head of Arene Compliance, and this role is hybrid - you will work in the office 3+ days per week.

WHO ARE WE LOOKING FOR
Understanding and complying with industry standards is a demanding endeavor: it challenges the status-quo practices existing within each organization and requires people to change their way of thinking and working. The complexity of dealing with ever-evolving standards and regulatory frameworks can exacerbate this challenge. Therefore, working with automation tooling is instrumental for an organized and effective compliance management system (e-CMS).

We are looking for a compliance specialist like you who can help shape our vision and support our mission. You will partner with different stakeholders within Arene Organization to improve regulatory compliance awareness, and to ensure our product/project teams operate within the policies, procedures, and regulations applicable to Arene Organization's operations. Specifically, we are looking for a teammate with experience in auditing and assessing engineering processes according to ISO21434/UNR-155 and ISO24089/UNR-156. You will lead ISO21434/UNR-155 training/education, improve Arene products' quality by assuring that up-to-date industry standards and regulatory frameworks are built into our product development processes, and ensure the proactive identification and mitigation of compliance risks that impede our goals and strategies. You will also drive Arene Compliance e-CMS tooling initiatives aimed at automating the management, reporting and tracking of compliance evidence.

RESPONSIBILITIES
・Interact with multiple internal and external stakeholders to analyze and define ISO21434/UNR-155 and ISO24089/UNR-156 compliance requirements for Arene Organization's processes and products.
・Maintain comprehensive audit and monitoring tools and procedures related to the compliance audit program, including schedules, standards, processes, reports, record keeping and audit tools.
・Define, implement and deploy tools to automate the Compliance Management System.
・Coordinate and perform oversight/audit on third-party suppliers.
・Plan and perform the end-to-end process related to the internal ISO21434/UNR-155 and ISO24089/UNR-156 audits to ensure compliance across all relevant phases of an Agile-developed project:
  ・Planning and verification of the audit sample;
  ・Coordinating interviews, document gathering and conducting review of supporting documentation;
  ・Preparing aggregate summary reports;
  ・Complete audit documentation, report promptly, and follow established auditing methodologies and professional standards;
  ・Identify risk/gaps by conducting ongoing risk assessments and developing audit plans to address high-risk areas. Provide technical assistance;
  ・Coordinate the implementation of internal and external corrective action plans, monitoring progress and completion; escalate as required;
  ・Conduct re-audits to verify corrective actions were implemented.
・Take ownership and responsibility for passing all the internal ISO21434/UNR-155 and ISO24089/UNR-156 audits before the product shipment to our customers.
・Track and trend compliance audit statistics, oversee/analyze KPIs, and recommend strategies to improve provider compliance.
・Develop and prepare reports on compliance audit program activities for submission to internal stakeholders (Management Review) and external stakeholders (customers).
・Evangelize, lead and improve ISO21434/UNR-155 and ISO24089/UNR-156 compliance awareness / training within Arene Organization.
・Remain current on the compliance requirements with all regulations, ISO standards and customer requirements applicable to Arene Organization's compliance program.
・Monitor industry best practices and make recommendations for organizational procedure change to result in compliance.
・Assist with all facets of the Compliance Management System (ISO37301) processes, and drive its continuous improvement.

MINIMUM QUALIFICATIONS
・Engineering degree in software, electrical or control systems.
・Excellent knowledge of cybersecurity engineering, cybersecurity processes, and safety-critical and security-critical embedded software development (C, C++) for Automotive, Aerospace or equivalent industries.
・5+ years of experience coordinating/managing ISO21434 & UNR-155 compliance / certification activities for software development (both in-the-vehicle and out-the-vehicle) in OEMs or Tier 1-2 suppliers.
・Experience with the implementation of an ISO21434/UNR-155 (CSMS) compliance management system.
・Knowledge of the implementation of an ISO24089/UNR-156 (SUMS) compliance management system.
・Fluency in both English and Japanese.

BASIC COMPETENCY
・Understand the application of ISO-21434/UNR-155 and ISO-24089/UNR-156 requirements (processes and work products) to assess conformity within the defined audit scope and reach appropriate audit/assessment findings and conclusions.
・Understand audit (ISO-19011 and ISO-5112) principles, processes and methods to ensure audits are performed.
・Ability to manage the risks and opportunities associated with the audit goals.
・Experience with the implementation of tooling/automation for e-CMS.
・Technical skills acquired as a combination of the following:
  ・Successfully completing training audit/assessment courses relevant for ISO21434/UNR-155, ISO19011/ISO5112 and ISO24089/UNR-156;
  ・Some professional record in the Automotive Cybersecurity domain, as a qualified/trained ISO21434 cybersecurity engineer or in a relevant technical, managerial or professional position;
  ・Audit experience acquired under the supervision of an ISO21434/UNR-155 qualified auditor;
  ・Hands-on experience with a risk-based approach to audit/assessment (ISO19011/ISO5112);
  ・Hands-on experience with training on the basic principles of ISO-21434/UNR-155 and ISO-24089/UNR-156 cybersecurity and software update.

NICE TO HAVES
・A recognized qualification (e.g., ISO21434/ISO5112 Auditor certification, ASPICE assessor certification).
・Led the successful completion of ISO21434/UNR-155 CSMS certification processes.
・Hands-on experience with ISO24089 and UNR156.
・Led the successful completion of ASPICE Level 3 certification.
・Led the successful implementation and audit of an ISO-26262 ASIL-D product certification process.
・Led the successful completion of QMS ISO9001 certification processes.
・Hands-on experience with the Vehicle Type Certification Process (Vehicle Homologation).
・Hands-on experience with data privacy in the context of safety-critical and security-critical automotive systems.


WHAT WE OFFER
・Competitive Salary - Based on experience
・Work Hours - Flexible working time with NO core-hours
・Paid Holiday - 20 days per year (prorated)
・Sick Leave - 6 days per year (prorated)
・Holiday - Sat & Sun, Japanese National Holidays, and other days defined by our company
・Japanese Social Security - all applicable (Health Insurance, Pension, Workers’ Comp, and Unemployment Insurance, Long-term care insurance)
・In-house Training Program (software study/language study)

By submitting your application you agree to the following terms: https://woven.toyota/en/applicant-privacy-notice

Our Commitment
・We are an equal opportunity employer and value diversity.
・We pledge that any information we receive from you will be used ONLY for the purpose of hiring assessment.