Devsecops / Cyber Security Engineer - Ford Pro Technology

Ford Pro is a new global business within Ford committed to commercial customer productivity. Ford Pro delivers a work-ready suite of vehicles, accessories, and services for virtually every vocation, backed by technology and engineered for uptime. A true one-stop shop, offering a full portfolio of electrified and internal combustion vehicles designed to integrate seamlessly with the Ford Pro ecosystem, helping customers' businesses thrive today and into the new era of electrification.
Are you passionate about solving business problems and serving customers? The Ford Pro Cyber Security team is seeking a fun, energetic, and innovative individual to serve as our Senior Security Engineer and Product Line Anchor. Our group is the Business Information Security team within Ford Pro and you can make an immediate impact at the start of this organization.
Are you the Security MacGyver we seek?
Seeking an individual who can:

• Support and develop automation solutions
• Identify mitigations where security concerns cannot be patched
• Consult on automating security in the pipeline
• Consult on API Security
• Quickly understand security concerns and propose solutions
• Sniff out problems - code-level, network-level, a non-issue blown out of proportion
• Consult on Identity and Access Management concerns
• Provide engineering solutions to application security issues

Should you consider this role? You will do well in this role if…you are:
Someone with a myriad of security experiences:

• Cyber Incident Response - Ethical Hacker / Penetration Tester
• Developer Enablement (wrote dev guides around security topics, developed libraries...etc.)
• Software Engineer / Developer
• Cyber Incident Response - Malware Analyst and Reverse Engineer
• Security Architect
• Cyber Incident Response - Incident Responder

As our Senior Security Engineer, you are going to:

• Monitor and evaluate the performance of our solutions
• Collaborate across Ford Pro Tech, Information Tech Operations (ITO), Enterprise Architecture, Enterprise Cyber Security organizations and so many more….
• Support and develop automation solutions that enable our product teams to build and deploy code quickly
• Cross between technology and business topics with ease and understanding
• Collaborate with teams working on software solutions to automate security in delivery pipelines
• Operate independently and adapt to dynamic needs of the organization and teams
• Implement industry best practices for container hardening and API configuration management
• Leverage cloud technology to promote fast resource provisioning and scalability

Minimum Requirements:

• Familiarity with Infrastructure as Code (IaC) solutions such as Terraform, CloudFormation and/or Azure Resource Manager templates
• 3+ years of security, software engineering, or product delivery
• Bachelor’s Degree in Business, cyber security, computer science, computer engineering or any related field
• Proficiency with Docker, bash scripting, and at least one programming/scripting language
• 2+ years of experience with Continuous Integration/Continuous Delivery (CI/CD) pipelines
• 2+ years of work experience implementing and/or supporting cloud-based platforms in an enterprise environment such as: Google Cloud Platform (GCP), Microsoft Azure, and Amazon Web Services (AWS).

Preferred Requirements:

• Working knowledge of a variety of regulations, control frameworks, and requirements, such as SOX, NIST 800-53, NIST 800-171, ISO 27001
• Familiar with eXtreme Programming (XP) practices including Test Drive Development (TDD)
• Technical awareness of the development of microservices
• Strong analytical and problem-solving skills
• Experience with Spring Cloud and deploying to cloud platforms, preferably Pivotal Cloud Foundry or Cloud Foundry
• Highly effective interpersonal skills working with other technical experts, Product Managers, and Go To Market leads
• Experience with CA Agile Central (Rally), backlogs, iterations, user stories, or similar backlog management tools such as Jira
• IT operations, security, and/or infrastructure experience in an enterprise environment and/or Application and Container Security knowledge in an eCommerce environment
• Ability to multi-task and manage changing priorities in a fast-paced environment
• Experience building deployment solutions for containers and serverless functions to cloud environments
• Master’s Degree in cyber security, computer science, computer engineering or related field
• CKA certification or demonstrated experience with Kubernetes
• Experience with Git/GitHub or equivalent source control repositories
• Strong oral and written communication skills
• Familiarity with collaborative messaging applications such as Slack
• Experience with log analysis, application, and resource monitoring solutions such as Datadog or Splunk.
• Development experience with Continuous Integration/Continuous Delivery tools and build automation systems such as Tekton, Drone CI, Jenkins, Maven, and Gradle
• Security Certifications are a plus (CISSP, CISA, CISM, etc)
• Ability to work independently and take initiative when solving unexpected problems

Join our team as we create the future of the commercial landscape and deliver secure and always-on solutions.
We believe in putting people first, working together, and facing challenges head-on.
Visa sponsorship is available for this position.

For information on Ford’s benefits and compensation, click here:
https://corporate.ford.com/content/dam/corporate/us/en-us/documents/careers/2022-benefits-and-comp-GSR-sal-plan-2.pdf

We are an Equal Opportunity Employer committed to a culturally diverse workforce. All qualified applicants will receive consideration for employment without regard to race, religion, color, age, sex, national origin, sexual orientation, gender identity, disability status or protected veteran status.
At Ford, the health and safety of our employees is our top priority. Vaccination has been proven to play a critical role in combating COVID-19. As a result, Ford has made the decision to require U.S. salaried employees to be fully vaccinated against COVID-19, unless employees require an accommodation for religious or medical reasons. Being fully vaccinated means that an individual is at least two weeks past their final dose of an authorized COVID-19 vaccine regimen. As a condition of employment, newly hired employees will be required to provide proof of their COVID-19 vaccination or an approved medical or religious exemption.
#LI-REMOTE
#LI-FORDPRO

63639BR

Michigan

Marketing, Sales & Service (MSS)

Ford Pro

Yes