Ford Motor Company Ford Pro Cybersecurity Analyst in Topeka, Kansas
Ford Pro is a new global business within Ford committed to commercial customer productivity. Ford Pro delivers a work-ready suite of vehicles, accessories, and services for virtually every vocation, backed by technology and engineered for uptime. A true one-stop shop, we offer a full portfolio of electrified and internal combustion vehicles designed to integrate seamlessly with the Ford Pro ecosystem, helping customers' businesses thrive today and into the new era of electrification.
The Ford Pro Cyber Security team is seeking a fun, energetic and organized individual. Our group is the Business Information Security team within Ford Pro and you can make an immediate impact within this organization.
We are seeking a skilled security analyst to help mature our security enablement team through improving our customer experience with Ford Pro products and services.
Provide consulting services to all Ford Pro product teams, providing advocacy, guidance and education on code security related problems by leveraging enterprise services across product lifecycles, identifying vulnerabilities and implementing secure solutions.
Support ISO 27001 certification preparation with guiding remediation of all Ford Pro software products and services.
Ability to compromise, work collaboratively and navigate complex decision making.
Support all teams dealing with Audit, ICC Control Review and OICs as the occur.
Collaborate across Ford Pro Tech, Information Tech Operations (ITO), Enterprise Architecture, Model E and Enterprise Cyber Security organizations.
Work with all regular security and compliance annual activities and education plan for all Ford Pro teams to ensure compliance with corporate policies (Information Security Policy, Code of Conduct, etc.) to deliver Ford+ plan.
Design, develop and test automation components for product and software especially security related.
Facilitate getting all known control gaps identified and develop control improvement plans to raise operational maturity in partnership with Internal Controls team as part of GRC processes.
Partner with Cyber Defense during incident response for Ford Pro teams, as required. Help define security standards around CI/CD pipelines, SAST/SCA/DAST testing processes, DevSecOps principles.
Bachelor’s degree in business, Cyber Security, Computer Science, or Engineering field
3+ years of software engineering/systems analyst.
3+ years’ experience in cybersecurity analysis, vulnerability management, security consulting
Nice to have qualifications:
Experience using 1 or more SAST/SCA tools like CheckMarx, FOSSA, 42Crunch or BlackDuck
Strong working knowledge of Info Sec policy, global purchasing policies and process, GRC component assessment, controls testing, etc.
Strong understanding of the OWASP Top 10 security vulnerabilities and remediation techniques
Working knowledge of a variety of regulations, control frameworks, and requirements, such as SOX, NIST 800-53, NIST 800-171, ISO 27001
Working knowledge of API Security
Security coding experience with languages like Java, Java Script, Python, Ruby or equivalent
Working knowledge of engineering concepts around key management, authorization, Cloud Security etc.
Experience in security operations.
Experience working with GCP and particularly securing GCP assets and development pipelines.
Experience working in incident Response teams to detect, contain, investigate, and recover from security incidents.
Familiarity with automation test scripts, test plans and configuration of test systems.
Experience working with GAO and/or Internal Control
Strong working knowledge of architecture patterns and resources
Certifications are highly valued (CISSP, CISA, CISM, etc.)
Join our team as we create the future of the commercial landscape and deliver secure and always-on solutions.
We believe in putting people first, working together, and facing challenges head-on.
What you’ll receive in return :
As part of the Ford family, you’ll enjoy excellent compensation and a comprehensive benefits package that includes generous PTO, retirement, savings, and stock investment plans, incentive compensation, and much more. You’ll also experience exciting opportunities for professional and personal growth and recognition.
Candidates for positions with Ford Motor Company must be legally authorized to work in the United States. Verification of employment eligibility will be required at the time of hire. Visa sponsorship is not available for this position.
We are an Equal Opportunity Employer committed to a culturally diverse workforce. All qualified applicants will receive consideration for employment without regard to race, religion, color, age, sex, national origin, sexual orientation, gender identity, disability status, or protected veteran status.
For information on Ford's salary and benefits, please visit: https://corporate.ford.com/content/dam/corporate/us/en-us/documents/careers/2024-benefits-and-comp-GSR-sal-plan-2.pdf
Requisition ID : 24020