Junior Consultant working on Cyber Security standards and customer advisory at MKS4U IT - Beratungs GmbH. Engaging in security assessments and developing long - term security strategies.
About the role
- Senior Security Engineer protecting Ford’s Connected Vehicle Cloud with high security standards. Collaborating with Cloud Engineering teams and ensuring secure, reliable product delivery.
Responsibilities
- Architect and implement robust application security controls throughout the software development process across 200+ external and internal services.
- Ensure the delivery of secure, reliable, and confidential products and services through adherence to best practices.
- Monitor cloud environments for security threats, vulnerabilities and suspicious activities.
- Investigate and respond to Security incidents and alerts in real-time.
- Maintain vulnerability identification, assessment, and remediation across infrastructure and code.
- Work with Engineering development teams to remediate vulnerabilities promptly.
- Integrate security guardrails into build and deployment processes to prevent vulnerable code from reaching production.
- Translate Engineering and Security needs into clear, well-defined functional and technical requirements backed by data analysis and deep understanding of the platform security landscape.
- Collaborate with cross-functional teams to improve the security posture of Connected Vehicle Cloud and design Security into platforms and products.
- Document Security Procedures, playbooks and guidelines.
- Ensure alignment with internal Ford policies, and industry regulations and standards (adherence to relevant security framework such as SOC2, ISO27001).
- Develop and manage key security operational metrics, ensuring their success and implementing action plans, including necessary remediations.
Requirements
- Bachelor's degree or equivalent combination of relevant education and experience.
- 6 years experience in a security engineering role, with experience in implementing effective vulnerability management strategies to mitigate risks.
- 3 years experience applied cloud security knowledge of AWS, GCP
- 1 year experience with automation and scripting using languages such as Python, Go, and Bash (shell scripting)
- 1 year experience in security standards and compliance regulations such as ISO 27001, SOC2, and GDPR
- Even better, you may have…
- Experience security in IOT and Device management systems
- Experience with PKI and Certificate services.
- Strong analytical skills to produce and interpret security data and trends
- Demonstrated experience securing CI/CD pipelines in Kubernetes environments.
Benefits
- Immediate medical, dental, vision and prescription drug coverage
- Flexible family care days, paid parental leave, new parent ramp-up programs, subsidized back-up child care and more
- Family building benefits including adoption and surrogacy expense reimbursement, fertility treatments, and more
- Vehicle discount program for employees and family members and management leases
- Tuition assistance
- Established and active employee resource groups
- Paid time off for individual and team community service
- A generous schedule of paid holidays, including the week between Christmas and New Year’s Day
- Paid time off and the option to purchase additional vacation time.
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
IT - Security Consultant at Institut für Datenschutz und Datensicherheit guiding IT compliance and security strategies. Engage with clients to enhance IT security practices across Germany.
Business Development Representative creating and managing lead generation pipelines for cybersecurity solutions. Engaging with enterprise clients in Switzerland and Germany in a hybrid work model.
Information Security Officer responsible for developing and implementing security strategies at an IT service provider for the food and beverage industry. Engaging with teams and management on cyber risks and compliance.
Information Security Manager leading CISOaaS or GRC consultants for NVISO in Germany. Enhancing clients’ cybersecurity posture and driving strategic security initiatives.
Técnico de Segurança do Trabalho JR assisting with safety documentation and training for field activities at Arcadis. Focused on sustainable solutions in engineering and consulting.
Senior Security Engineer managing the vulnerability management program and collaborating with engineering teams at Causaly. Focused on cloud security and secure coding practices.
Infra Security Engineer focusing on endpoint security solutions in South Korea's urban mobility services. Collaborating on security architecture and threat detection initiatives.
Compliance Specialist managing documentation and policies for Orro's Information Security Management System. Supporting essential compliance activities across ISO 27001 and IRAP with strong attention to detail.
Senior Cyber Security Consultant supporting client cybersecurity development initiatives. Job focuses on administrative and technical aspects of cybersecurity within a collaborative consulting team setting.