Technical Program Manager – Woven City
Woven Planet
full-time
Posted on:
Location Type: Hybrid
Location: Tokyo • 🇯🇵 Japan
Visit company websiteJob Level
SeniorLead
Tech Stack
Cyber Security
About the role
- Proven ability to credibly coordinate between highly technical security teams (SOC, Infrastructure Security, Product Security) and Mobility product teams/business stakeholders to define security roadmaps and track deliverables for large infrastructure programs
- Develop and maintain onboarding processes, policies, and the overall program lifecycle for security deliverables required for the target infrastructure platform
- Develop and support the security framework to meet global regulatory requirements for the platform and its critical services, including risk management, data enablement, export regulatory compliance and vendor security
- Facilitate coordination across security teams (e.g., Infrastructure Security, Product Security) to ensure necessary security engineering, hardening, threat modeling, and support for security change management are completed for the platform
- Proactively identify and address critical security and operational gaps within the infrastructure. Establish clear roles, responsibilities, and processes for security monitoring (SOC), vulnerability management, and event/incident response, ensuring robust coverage across the expanded platform scope.
- Drive alignment on new security policies for external-facing services, and advise on adapting existing Woven City policies to meet new external-facing platform requirements
- Collaborate closely with Governance Security teams to establish essential frameworks (e.g., Shared Responsibility Model, risk appetite definitions) for platforms serving external customers. Ensure adherence to required Toyota guidelines.
Requirements
- 10+ years of cybersecurity engineer/TPM lead experience
- TOEIC 900+ or Business level Japanese language proficiency (N1)
- Demonstrated capability in designing, launching, and iteratively improving security programs, frameworks, or policies at scale
- Proven experience in managing security risks in a complex environment
- Deep understanding of global and local regulatory requirements, including hands-on experience operationalizing security frameworks (e.g., ISO27017, ISO27001/27002, NIST CSF) within product, infrastructure, or city-scale platforms
- Experience with operationalizing security requirements from regulatory frameworks such as GDPR, FEFTA, PDPA, etc.
- Experience tailoring technical and strategic communications for leadership, technical, and non-technical audiences; demonstrated ability to mediate and resolve ambiguity
- Strong business acumen with the ability to maintain a business-focused perspective while managing security risks
- Proven track record of influencing cross-functional teams, senior leaders, and external partners, especially in hybrid Japanese/international environments
Benefits
- Competitive Salary - Based on experience
- Work Hours - Flexible working time
- Paid Holiday - 20 days per year (prorated)
- Sick Leave - 6 days per year (prorated)
- Holiday - Sat & Sun, Japanese National Holidays, and other days defined by our company
- Japanese Social Insurance - Health Insurance, Pension, Workers’ Comp, and Unemployment Insurance, Long-term care insurance
- Housing Allowance
- Retirement Benefits
- Rental Cars Support
- In-house Training Program (software study/language study)
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
cybersecuritysecurity frameworksrisk managementvulnerability managementincident responsesecurity engineeringthreat modelingsecurity policiesregulatory complianceprogram lifecycle management
Soft skills
coordinationcommunicationinfluencebusiness acumenproblem-solvingmediationcollaborationadaptabilityleadershipstakeholder management