Information Security Manager, Endpoint and Identity

Tokyo
Technology Shared Services – Enterprise Technology /
Employee /
Hybrid
Apply for this job
About Woven by Toyota
Woven by Toyota is enabling Toyota’s once-in-a-century transformation into a mobility company. Inspired by a legacy of innovating for the benefit of others, our mission is to challenge the current state of mobility through human-centric innovation — expanding what “mobility” means and how it serves society.

Our work centers on four pillars: AD/ADAS, our autonomous driving and advanced driver assist technologies; Arene, our software development platform for software-defined vehicles; Woven City, a test course for mobility; and Cloud & AI, the digital infrastructure powering our collaborative foundation. Business-critical functions empower these teams to execute, and together, we’re working toward one bold goal: a world with zero accidents and enhanced well-being for all.

=========================================================================

TEAM
The Endpoint and Identity team safeguards the organization's internal systems, identities, and data by designing and maintaining robust security standards, ensuring compliance with relevant regulations, and providing secure architecture review and engineering of secure solutions. The team collaborates with other departments to conduct proactive risk assessments to protect critical corporate infrastructure, enabling the organization to operate securely and efficiently.

WHO ARE WE LOOKING FOR?
You are passionate about automating Woven by Toyota's Cyber Security program, scaling the team's capabilities, and securing the enterprise. As the technical lead manager for Identity and Endpoint, you’ll be responsible for securing all of Woven’s endpoints, corporate systems, and identities. 

Your expertise will provide the foundation of our enterprise security program, providing seamless ways for our engineers to build products securely -- while determining team priorities, promoting a positive culture centering on excellence, and leading cross-collaborations. You will report to the Head of Security Engineering, managing security engineers. This role is hybrid, requiring your presence on-site three days per week in the Nihombashi office.

RESPONSIBILITIES

    • Guide and mentor a medium-sized team of engineers working on endpoint, IT system, and identity security.
    • Foster a culture of learning, innovation, and technical excellence and conduct regular 1:1s, performance reviews, and career development planning
    • Define and execute roadmap for identity management and endpoint security initiatives
    • Improve, monitor, and report on key performance indicators (KPIs) for identity and endpoint security programs
    • Partner with IT, Security Operations, and GRC teams on enterprise security initiatives
    • Oversee implementation of SSO, MFA, privileged access management, and endpoint detection systems
    • Ensure security compliance across identity and endpoint infrastructure
    • Develop well-documented and comprehensively researched solutions to mitigate security risks
    • Communicate effectively at multiple levels of sensitivity, and to multiple audiences
    • Manage resource allocation, project planning, and budgeting for the Endpoint and Identity team

MINIMUM QUALIFICATIONS

    • 3-4+ years of experience managing & developing security engineers, IT engineers, SRE, DevOps, or similar teams
    • 4+ years of relevant infrastructure security experience hardening end-user and corporate IT systems
    • Bachelor’s or Master’s degree in Computer Science, Information Security, a related discipline, or equivalent work experience
    • Experience with Entra ID or similar cloud identity solution
    • Experience with Microsoft Intune, or similar endpoint management solutions
    • Experience with security architecture reviews and threat modeling 
    • Experience with hardening baselines and frameworks such as CIS, STIG, NIST, etc.
    • Comfortable automating tasks and processes using one or more scripting languages (e.g., PowerShell, Python, etc.).
    • Working proficiency in verbal and written English (C1)

NICE TO HAVES

    • Business level or Proficiency in Japanese (B2/C1)
    • Working knowledge of authentication/authorization protocols. (e.g. SAML, OIDC, OAuth2)
    • Experience with zero trust security model
=========================================================================
Important Points
・All interviews will be arranged via Google Meet, unless otherwise stated.
・The same job descriptions are available in both English and Japanese; therefore, we kindly ask that you apply to only one version.
・We kindly request that you submit your resume in English, if possible. However, Japanese resumes are also acceptable. Please note that, depending on the English proficiency requirements of the role, we may request an English version of your resume later in the process.

WHAT WE OFFER
・Competitive Salary - Based on experience
・Work Hours - Flexible working time
・Paid Holiday - 20 days per year (prorated)
・Sick Leave - 6 days per year (prorated)
・Holiday - Sat & Sun, Japanese National Holidays, and other days defined by our company
・Japanese Social Insurance - Health Insurance, Pension, Workers’ Comp, and Unemployment Insurance, Long-term care insurance
・Housing Allowance
・Retirement Benefits
・Rental Cars Support
・In-house Training Program (software study/language study)

Our Commitment
・We are an equal opportunity employer and value diversity.
・Any information we receive from you will be used only in the hiring and onboarding process. Please see our privacy notice for more details.
Apply for this job

Woven by Toyota Home Page

Jobs powered by Lever logo