What is the salary for this Product Security Manager role?

Salary information is not publicly listed for this position. Apply directly to discuss compensation with Drivemode.

Where is this Product Security Manager position located?

This is an on-site position at Drivemode located in Tokyo Office.

How do I apply for this Product Security Manager job at Drivemode?

Click the 'Apply' button on this page to be redirected to Drivemode's application portal. Make sure to have your resume ready and tailor your application to highlight relevant experience.

Drivemode is actively hiring for Security roles. Visit the company page to see all open positions and learn more about working at Drivemode.

Product Security Manager

Drivemode Tokyo Office 1 day ago

security

Our Mission:

Driving technology always feels old. Not by a little bit. We believe vehicles can be a thousand times smarter, safer, and more connected to the world around us, and our mission is to see it happen. In 2019, we joined forces with Honda as their first startup acquisition, and now we’re expanding our vision into building the future of electric vehicles (BEV) for millions of people around the world.

Why Drivemode:

Join Drivemode for an exciting startup environment and a vibrant culture that combines impactful work, competitive compensation, and excellent benefits. By becoming a part of our team, you'll contribute to a crucial mission that revolutionizes the way people engage with vehicles, addressing both business needs and the world's environmental challenges. This presents an exceptional opportunity to be at the forefront of innovation and drive Honda's success in the EV market.

About the Role:

As Drivemode's Product Security Manager, you will lead the product security program, owning strategy, risk management, compliance, vulnerability management, and incident response processes. You will ensure Drivemode products are designed, built, and maintained securely across the product lifecycle. This role involves partnering with engineering, QA, suppliers, and our product team to embed secure-by-design practices.

What You Will Do

Define and maintain product security policies, secure development lifecycle, and product security controls.

Identify, assess, and prioritize product security risks.

Lead TARA/threat modeling, vulnerability management, SBOM/OSS controls, and secure development practices.

Support PSIRT activities by ensuring appropriate triage, remediation, and engineering response from Drivemode teams.

Define and implement controls to meet and demonstrate compliance with ISO/SAE 21434, UN R155/R156, and internal governance and security requirements.

Deliver regular security posture reports, KPIs, and maintain training for engineering security champions.

Define and execute product security strategy and roadmap; set policy, risk appetite, and release acceptance criteria.

Embed secure-by-design practices across engineering: lead TARA/threat modeling, security design reviews, and security gates (CI/CD first).

Own SBOM/OSS controls and supplier security requirements; ensure evidence for audits and acceptance.

Run the product vulnerability program and coordinate remediation and evidence handover to other departments; support internal triage and verification.

Define patch/update policy and oversee secure update delivery for releases and OTA where applicable.

Report product security posture and KPIs to leadership; run the security champions and training strategy to up-skill engineering teams.

What We Are Looking For

7+ years in security roles with more than three years in management/lead capacity.

Proven experience leading product security programs, TARA/threat modeling ownership, SBOM/OSS management, and vulnerability triage coordination.

Experience with security and compliance audits.

Strong stakeholder skills and demonstrated ability to embed security practices into agile product teams.

Ability to collaborate effectively in English.

Nice to Have

Preferred Qualifications / Experience

Strong stakeholder management.

Knowledge of automotive cybersecurity standards (ISO/SAE 21434, UNECE R155/R156).

Familiarity with CAN, automotive Ethernet, OTA mechanisms, Android/Linux.

Experience with SAST/DAST, SBOM/OSS tooling, vulnerability scanners.

Experience working with agile development methodologies.

Familiarity with Automotive SPICE (ASPICE)

Familiarity with Application Lifecycle Management (ALM) tools (e.g., JAMA, Polarion, DOORS).

Preferred Certifications

CSSLP, CISSP.

Strong preference for automotive security training (ISO/SAE 21434 / TARA).

OSCP.

Japanese language ability is always welcome.

EEOC Statement

Drivemode is proud of a very diverse team with employees coming from 5 continents/16 countries as of today. Diversity in our workplace has played an important part in our success; we recognize each employee’s unique background, knowledge, experiences, ideas, and viewpoints which are all critical in developing a product that has the greatest impacts on drivers all over the world.

Drivemode provides equal opportunities to all employees and applicants for employment without regard to race, religion, color, age, gender, national origin, sexual orientation, gender identity, disability, or any other characteristics that make you unique.