Vehicle Security Architect – Middleware

Woven Planet

  • Full Time

ABOUT WOVEN PLANET GROUP
Woven Planet Group (Woven Planet) represents a carefully curated blend of expertise and resources dedicated to bringing the vision of “Mobility to Love, Safety to Live” to life. Through innovations and investments in automated driving, robotics, smart cities, and more, we are transforming how humankind lives, works, and moves. We exist to design, build, and deliver secure, connected, and sustainable mobility solutions that benefit all people worldwide. Founded in 2018 as Toyota Research Institute – Advanced Development (TRI-AD), Woven Planet is composed of four complementary companies: Woven Planet Holdings, Woven Core, Woven Alpha, and Woven Capital.

Visit us to learn more: https://www.woven-planet.global/

TEAM
The Woven Planet Vehicle Security Team is responsible for the cyber security of the vehicle products that include a highly programmable vehicle software development ecosystem.

Modern cars are an IoT device running complex, safety-critical software. Yet, their architecture has remained fundamentally unchanged for decades. What if we have an opportunity to redesign it with a software-first approach for all future Toyota cars and build an open software ecosystem with an abstraction layer so developers across the world can build software and services for autonomy, mobility, user experience and the connectivity of vehicles and physical infrastructure, with modern software tooling?

WHO ARE WE LOOKING FOR
The Woven Planet Vehicle Security team is looking for exceptional product security engineers who will work on the new vehicle architecture and the software ecosystem.

You will analyze vehicle software platform products including but not limited to: operating systems, networks and applications from a security perspective. You will be expected to be skilled at discovering gaps in our programs, discovering security issues, and driving solutions with cross-functional partners.

You will lead and influence security architecture, risk analysis, vulnerability testing, and security reviews for vehicle products across Woven Planet cross functional teams.

RESPONSIBILITIES
・Ensure security and privacy by design for embedded or middleware software products
・Assist development teams in architecting and securing the software and hardware ecosystem 
・Evaluate the security of middleware, libraries, and protocols for embedded systems
・Lead threat modeling towards components of the hardware abstraction layer, service layer, runtime environment and application layer; identifying security issues, risks and associated mitigations
・Audit C++ code to identify and patch security vulnerabilities
・Provide designs to implement the architected solutions
・Evaluate and recommend new and emerging security products and technologies

MINIMUM QUALIFICATIONS
・Bachelor’s degree in Computer Science, Computer Engineering or related field, or 10+ years relevant work experience
・5+ years of experience in software development
・3+ years of experience in software security as an architect or a developer of security solutions
・Advanced knowledge of the following domains: security engineering, system and network security, authentication and security protocols, cryptography, operating system and application security
・Security expertise in one or more of:
   ・Implementation of multilayered independent levels of security (MILS) architecture for high-assurance embedded systems
   ・Operating system (OS), ARM, or Kernel security
   ・Security of components of compile time and runtime environment (RTE)
   ・Practical experience of development of libraries (C/C++) for software security 
・Knowledge of DevSecOps methodology and components of a secure SDLC
・Experience with secure operating systems architecture, security design, and threat modeling
・Strong communication skills in English (both written and spoken)

 

PREFERRED QUALIFICATIONS

 

  • Experience in development of software components for automotive systems or robots
  • Experience in development of hardware abstraction layer (HAL) components
  • Experience in security of real-time operating systems (RTOS)
  • In-depth knowledge of Unix-like operating systems and their security components, preferable – used in automotive industry (e.g. Automotive Grade Linux)
  • Experience in vehicle software development
  • Experience in kernel and hypervisor security 
  • Understanding of standards such as ISO 21434 and ISO 26262 
  • Ability to communicate in Japanese is a plus
  •  

     

     

     

     

     

    If you are currently located outside of Japan, don’t worry, we’ll set an interview over Google Hangout Meet or Skype.
    WHAT WE OFFER
    ・Competitive Salary – Based on skills and experience
    ・Work Hours – Flexible working time with NO core-hours
    ・Paid Holiday – 20 days per year (prorated)
    ・Sick Leave – 6 days per year (prorated)
    ・Holiday – Sat & Sun, Japanese National Holidays, and other days defined by the company
    ・Japanese Social Security – all applicable (Health Insurance, Pension, Workers’ Comp, and Unemployment Insurance, Long-term care insurance)
    ・In-house Training Program (software study/language study)
    By submitting your application you agree to the following terms:
    [OUR COMMITMENT]
    ・We are an equal opportunity employer and value diversity.
    ・We pledge that any information we receive from candidates will be used ONLY for the purpose of hiring assessment.