Senior Security Engineer, Risk

4 days ago

Ann Arbor, Michigan, United States Woven Full time
Woven by Toyota is enabling Toyota's once-in-a-century transformation into a mobility company. Inspired by a legacy of innovating for the benefit of others, our mission is to challenge the current state of mobility through human-centric innovation — expanding what "mobility" means and how it serves society.
Our work centers on four pillars: AD/ADAS, our autonomous driving and advanced driver assist technologies; Arene, our software development platform for software-defined vehicles; Woven City, a test course for mobility; and Cloud & AI, the digital infrastructure powering our collaborative foundation. Business-critical functions empower these teams to execute, and together, we're working toward one bold goal: a world with zero accidents and enhanced well-being for all.
TEAM The security team at Woven by Toyota is on the cutting edge of many challenging security problems.We identify emerging security threats in autonomous vehicles and help design more secure systems.We work closely with internal platform teams to provide a secure development environment through tooling and automation, allowing developers to innovate quickly without compromising security.
WHO ARE WE LOOKING FOR? We are looking for a Senior Security Risk Technical Specialist to lead information security risk management engagements such as technical risk assessments pertaining to Woven by Toyota's businesses and engineering work.
You will identify risks and vulnerabilities by working with diverse internal and external stakeholders of varied technical and business backgrounds. You will work with technical product teams on assessing any security risks and manage those risks through their lifecycle. You will be expected to work with both highly technical teams and senior management.
While this is a risk assurance position, given the cutting edge nature of projects that we work on (IoT, autonomous driving, vehicle OS), we are seeking a candidate with strong technical insight.
Woven by Toyota Security demands high standards, so a passion and discipline around security and delivery is critical. A high level of ownership and accountability is a must. In this role you will report to an engineering manager, in a hybrid capacity requiring your presence on-site three days per week. RESPONSIBILITIES
  • Lead/perform risk assessment engagements for products (IoT, autonomous driving, AI etc), enterprise, and related information systems or processes.
  • Manage technical, process and human related  information security risks and ensure compliance for information security policies and regulatory requirements by conducting technical, procedural and operational review of business processes and system controls
  • Communicate and escalate risk issues to the appropriate level and department from frontline teams to senior management 
  • Evaluate technology and business-related controls for integrating business and information system security and risk mitigation efforts for products and enterprise. Coordinate and validate business risk justification documents for internal and external governance programs
  • Manage third party risk with both internal and external stakeholders
MINIMUM QUALIFICATIONS
  • Bachelor or Masters degree in Information Security and/or related field
  • 6+ years experience in Information Security
  • 3+ years technical security experience securing products incorporating emerging technologies like IoT, AI, Automotive operating systems
  • 1+ year of experience within Information Risk Management, IT audit or Security Governance function
  • 1+ year of experience with regulatory compliance and information security management frameworks (e.g., ISO27001/ISO27002, NIST CSF, CMMC)
  • Experience in highly regulated industries, ideally with retail product exposure and impact
  • Technical expertise in the security field and experience with security architecture and ability to challenge risk assessments on the technical side
  • Experience with multiple risk assessment methods including threat modeling (STRIDE, etc)
  • High level of independence and autonomy in leading and performing engagements, including conducting interviews, with a complex set of corporate stakeholders
  • Experience in IT auditing and technical assessments of networks, operating systems, cloud environments, etc
  • Excellent written and verbal communication skills and ability to adapt communication to the audience skillset and level of responsibilities
NICE TO HAVES
  • Japanese language proficiency
  • 5+ years of technical security experience out of the required 6+ years of Information Security experience
  • 3+ years of experience within Information Risk Management, IT audit or Security Governance function
  • 3+ years of experience with regulatory compliance and information security management frameworks (e.g., ISO27001/ISO27002, NIST CSF, CMMC)
  • 1+ year of development and coding experience ideally in IoT, AI, automotive OS
  • Experience with compliance especially security and privacy regulations
  • Experience building enterprise governance, risk, and compliance programs
  • Hands-on experience in configuring and working with GRC tools
  • Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and/or Certified Information Systems Auditor (CISA)
WHAT WE OFFER We are committed to creating a modern work environment that supports our employees and their loved ones. We offer many options of the best programs to allow you to do your most meaningful work and to help you shape the future of mobility. ・Excellent health, wellness, dental and vision coverage ・A rewarding 401k program ・Flexible vacation policy ・Family planning and care benefits
Our Commitment ・We are an equal opportunity employer and value diversity. ・Any information we receive from you will be used only in the hiring and onboarding process. Please see our privacy notice for more details.

  • Senior Security Risk Technical Specialist

    1 week ago

    Ann Arbor, Michigan, United States Woven by Toyota Full time

    Woven by Toyota is enabling Toyota's once-in-a-century transformation into a mobility company. Inspired by a legacy of innovating for the benefit of others, our mission is to challenge the current state of mobility through human-centric innovation — expanding what "mobility" means and how it serves society.Our work centers on four pillars: AD/ADAS, our...

  • Senior Software Engineer

    7 days ago

    Ann Arbor, Michigan, United States HISTOSONICS INC Full time

    HistoSonics is a medical device company, founded in 2009, that has developed a non-invasive, sonic beam therapy platform that uses histotripsy, which is capable of destroying targeted liver tumors. Our mission and passion are to advance the novel science of histotripsy and its powerful benefits, bringing meaningful and transformational change to physicians...

  • Senior Engineer

    3 days ago

    Ann Arbor, Michigan, United States Toyota North America Full time

    OverviewWho we areCollaborative. Respectful. A place to dream and do. These are just a few words that describe what life is like at Toyota. As one of the world's most admired brands, Toyota is growing and leading the future of mobility through innovative, high-quality solutions designed to enhance lives and delight those we serve. We're looking for talented...

  • Senior Controls Engineer

    7 hours ago

    Ann Arbor, Michigan, United States FST Technical Services Full time

    FST Technical Services Commissioning (Cx) division is one of the leading Cx firms in the country. We partner with clients for quality assurance in the design, construction, and post-acceptance phases of building projects. We ensure that equipment in mechanical, electrical, plumbing, and associated systems are designed, installed, and functionally tested to...

  • Senior Software Engineer, Integrations

    1 day ago

    Ann Arbor, Michigan, United States Censys Full time

    Company BackgroundCensys' mission is to be the one place to understand everything on the internet. Frustrated by the lack of trustworthy Internet intelligence, we set out to create the industry's most comprehensive, accurate, and up-to-date map of the Internet. Today, Censys delivers real-time Internet intelligence and actionable threat insights to global...

  • Senior Design Engineer

    2 weeks ago

    Ann Arbor, Michigan, United States Insight Global Full time $140,000 - $170,000 per year

    Required Skills & Experience7–10 years of experience in engine design within the automotive industry Strong background in design, supplier collaboration, and quality assurance Proficient in DRBFM, GD&T, and CAD (2D & 3D) Advanced skills in MATLAB, Simulink, Python, and GT-Power Experience working with suppliers and managing sourcing activitiesNice to Have...

  • Part-Time Facility Security Officer

    7 days ago

    Ann Arbor, Michigan, United States Resonant Sciences LLC Full time

    Resonant Sciences LLC has an immediate opening for a Part-Time Facility Security Officer (FSO)/Contractor Program Security Officer (CPSO) to join our team at our Ann Arbor, MI, location. The successful candidate will coordinate and monitor highly sensitive aspects of DoD or other industrial security programs and other security activities while ensuring...

  • Senior Software Engineer

    1 day ago

    Ann Arbor, Michigan, United States Clarivate Full time

    Senior Software Engineer, ProQuest LLC d/b/a Clarivate Analytics (US) LLC, Ann Arbor, MIDuties:  Implement design changes to improve quality, performance, cost reduction, and standardization through analysis of designs and problem-solving techniques. Respond to direct or indirect customer inquiries regarding function and design.   Attend customer meetings...

  • Senior Research Engineer

    7 days ago

    Ann Arbor, Michigan, United States HistoSonics, Inc. Full time

    HistoSonicsis a medical device company, founded in 2009, that has developed a non-invasive, sonic beam therapy platform that uses histotripsy, which is capable of destroying targeted liver tumors. Our mission and passion are to advance the novel science of histotripsy and its powerful benefits, bringing meaningful and transformational change to physicians...

  • Lead Software Engineer

    2 weeks ago

    Ann Arbor, Michigan, United States Thomson Reuters Full time $147,000 - $273,000

    Lead Software Engineer, AI​ Are you passionate about building AI-driven software that transforms how professionals work? Join a dynamic and highly skilled team at Thomson Reuters, where we invest deeply in AI technologies and explore emerging fields with the backing of a global leader. As a Staff Software Engineer – AI, you will play a lead role in...