About the role

Senior Security Engineer protecting Ford’s Connected Vehicle Cloud with high security standards. Collaborating with Cloud Engineering teams and ensuring secure, reliable product delivery.

Responsibilities

Architect and implement robust application security controls throughout the software development process across 200+ external and internal services.
Ensure the delivery of secure, reliable, and confidential products and services through adherence to best practices.
Monitor cloud environments for security threats, vulnerabilities and suspicious activities.
Investigate and respond to Security incidents and alerts in real-time.
Maintain vulnerability identification, assessment, and remediation across infrastructure and code.
Work with Engineering development teams to remediate vulnerabilities promptly.
Integrate security guardrails into build and deployment processes to prevent vulnerable code from reaching production.
Translate Engineering and Security needs into clear, well-defined functional and technical requirements backed by data analysis and deep understanding of the platform security landscape.
Collaborate with cross-functional teams to improve the security posture of Connected Vehicle Cloud and design Security into platforms and products.
Document Security Procedures, playbooks and guidelines.
Ensure alignment with internal Ford policies, and industry regulations and standards (adherence to relevant security framework such as SOC2, ISO27001).
Develop and manage key security operational metrics, ensuring their success and implementing action plans, including necessary remediations.

Bachelor's degree or equivalent combination of relevant education and experience.
6 years experience in a security engineering role, with experience in implementing effective vulnerability management strategies to mitigate risks.
3 years experience applied cloud security knowledge of AWS, GCP
1 year experience with automation and scripting using languages such as Python, Go, and Bash (shell scripting)
1 year experience in security standards and compliance regulations such as ISO 27001, SOC2, and GDPR
Even better, you may have…
Experience security in IOT and Device management systems
Experience with PKI and Certificate services.
Strong analytical skills to produce and interpret security data and trends
Demonstrated experience securing CI/CD pipelines in Kubernetes environments.

Immediate medical, dental, vision and prescription drug coverage
Flexible family care days, paid parental leave, new parent ramp-up programs, subsidized back-up child care and more
Family building benefits including adoption and surrogacy expense reimbursement, fertility treatments, and more
Vehicle discount program for employees and family members and management leases
Tuition assistance
Established and active employee resource groups
Paid time off for individual and team community service
A generous schedule of paid holidays, including the week between Christmas and New Year’s Day
Paid time off and the option to purchase additional vacation time.