Enterprise Security Automation Engineer
Woven Planet
full-time
Posted on:
Location Type: Hybrid
Location: Tokyo • 🇯🇵 Japan
Visit company websiteJob Level
Mid-LevelSenior
Tech Stack
AWSCloudGoogle Cloud Platform
About the role
- Develop automation related to the integration, use, and enhancement of various security systems and data sets including: code security, cloud security, infrastructure security, identity security, and AI security
- Develop ways to automate the assessment and validation of security controls
- Integrate data sets between technical security systems and business systems to accelerate security-supported workflows such as risk, compliance, and other reporting paths
- Perform automation-assisted hands-on security review supporting Product and Engineering teams to establish and validate security requirements in new and existing products or systems
- Perform threat modeling and application security assessments for projects across the organization
- Perform automated and manual security testing for software, cloud, and network systems developed and used by Woven by Toyota
- Provide consultant-level communication that is effective at multiple levels of sensitivity and multiple audiences
- Report to the senior manager for Enterprise Security Services and come to the office 3x per week as per our hybrid work policy
Requirements
- Bachelor’s Degree or higher in Computer Science or related field, or equivalent work experience
- Hands-on experience developing security automation supporting one or more of the following domains: software development, cloud configuration, network architecture, and identity and access management
- Experience identifying and addressing security issues through design and code review, static/dynamic analysis, and other commonly used security tools and methodologies
- Knowledge of secure coding principles and common application security vulnerabilities, such as OWASP Top 10 and CWE 25 vulnerabilities
- Experience presenting and communicating security threats to non-security specialists (i.e. development teams, management, or other stakeholders)
- Experience in software development or DevEx work (nice to have)
- Experience in infrastructure security, container security, and/or CI/CD security (nice to have)
- Knowledge of security features and mechanisms provided by AWS or GCP. AWS Certified Security or GCP Professional Cloud Security Engineer is a plus (nice to have)
- Knowledge of authentication protocols and frameworks to include OAuth, OpenID, SSO/SAML, and AWS IAM (nice to have)
- Business-level Japanese (nice to have)
Benefits
- Competitive Salary - Based on experience
- Work Hours - Flexible working time
- Paid Holiday - 20 days per year (prorated)
- Sick Leave - 6 days per year (prorated)
- Holiday - Sat & Sun, Japanese National Holidays, and other days defined by our company
- Japanese Social Insurance - Health Insurance, Pension, Workers’ Comp, and Unemployment Insurance, Long-term care insurance
- Housing Allowance
- Retirement Benefits
- Rental Cars Support
- In-house Training Program (software study/language study)
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
security automationcloud securityinfrastructure securityidentity securityAI securitythreat modelingapplication security assessmentsautomated security testingsecure coding principlesstatic/dynamic analysis
Soft skills
consultant-level communicationeffective communicationstakeholder engagement
Certifications
AWS Certified SecurityGCP Professional Cloud Security Engineer