Cybersecurity Engineer

Job Location

Dearborn, MI - USA

Monthly Salary

Not Disclosed

Vacancy

1 Vacancy

Job Description

We are the movers of the world and the makers of the future. We get up every day, roll up our sleeves and build a better world -- together. At Ford, we're all a part of something bigger than ourselves. Are you ready to change the way the world moves?

Enterprise Technology plays a critical part in shaping the future of mobility. If you're looking for the chance to leverage advanced technology to redefine the transportation landscape, enhance the customer experience and improve people's lives, this is the opportunity for you. Join us and challenge your IT expertise and analytical skills to help create vehicles that are as smart as you are.

This position will be involved in developing/engineering SIEM/SOAR and unified security & risk management solutions across the current and future security portfolio, with a strong initial focus on Google SecOps and Security Command Center. The ideal candidate should have experience configuring, managing and optimizing Google SecOps and Security Command Center to support a mature SOC. This role involves working closely with IT security teams to enhance our security posture while ensuring compliance with industry standards and best practices.



Responsibilities

What you'll do...

  • SIEM Solution Design and Implementation:
    • Designing and deploying secure, scalable Google SecOps architectures, including log ingestion pipelines and integration with existing IT infrastructure
    • Configuring and managing log ingestion from various sources, ensuring data normalization and efficient analysis within Google SecOps.
  • Design, Build and Maintain SIEM Data Pipelines:
    • Design and develop robust, scalable and automated data pipelines to ingest, process, transform and store security logs and events from diverse sources (e.g. servers, firewalls, applications, cloud platforms) into the SIEM platform.
    • Develop and implement data parsing rules, enrichment processes and data normalization techniques to ensure data quality and consistency within the SIEM.
    • Integrate new data sources into the SIEM, including connecting to APIs, databases, streaming data sources and cloud platforms.
    • Collaborate with various teams (e.g. development, operations, cloud services) to understand logging requirements, define logging standards and ensure the appropriate data is collected.
  • Optimize SIEM Data Pipelines:
    • Monitor data pipeline performance, identify bottlenecks and implement optimizations to improve efficiency, reduce latency and ensure timely data availability for security analysis.
    • Tune log sources and correlation rules to reduce false positives, minimize noise and enhance the accuracy of threat detection.
    • Develop and implement best practices for SIEM and SOAR (Security Orchestration, Automation and Response) content management and development.
    • Explore and implement automation opportunities to improve analyst alert handling, streamline security operations and reduce manual intervention.
  • SIEM Administration and Support:
    • Maintain the health, performance and tuning of the SIEM platform.
    • Troubleshoot issues related to log sources, data ingestion, parsing failures and other SIEM platform issues.
  • Security Command Center (SCC) responsibilities:
    • Managing access to Security Command Center features through IAM roles, allowing granular control over who can view, edit or manage findings and assets
    • Ensuring that Security Command Center settings are configured and maintained to support the organization's security needs.
    • Connecting with other Google Cloud products and third-party tools for a more complete security posture


Qualifications

You'll have...

  • Bachelor's degree in Computer Science, Cyber Security, Information Systems or related field.
  • 8 years of overall software engineering experience
  • 4 years of hands-on experience with SIEM platforms such as Google SecOps, IBM QRadar, Microsoft Azure Sentinel or similar.
    • Experience with security logging data sources and industry best practices for log ingestion
    • Experience in log parsing, custom rule creation and developing actionable alerts
  • 2 years experience developing cloud native applications, preferably on Google Cloud Platform

Even better, you may have...

  • Proficiency in scripting languages like Python, Go, Java or Bash for automation, data manipulation and integration tasks.
  • Hands-on experience setting up CI/CD pipelines. OpenShift Tekton or GitHub Actions or alike. Knowledge of secure coding practices
  • Experience setting up serverless functions using GCP Cloud Run or Cloud Functions and configuring the respective cloud provider for scaling
  • Robust knowledge of system design principles, including reliability, availability and scalability
  • Experience setting up logging and monitoring services (Dynatrace, GCP Ops Suites)
  • Strong understanding of network security, log analysis, threat detection and incident response.
  • Knowledge of RESTful APIs, data integration techniques and infrastructure-as-code tools (e.g. Terraform, Ansible).
  • Analytical and Problem-Solving Skills:
    • Ability to analyze complex data systems, identify improvement opportunities and translate business requirements into detailed technical designs.
    • Excellent analytical skills and attention to detail for solving complex problems with many variables.
  • Communication and Collaboration:
    • Strong verbal and written communication skills to articulate technical issues, collaborate with stakeholders and create comprehensive documentation.
    • Ability to work effectively in a team environment and interact with various internal and external teams.
    • Comfortable supporting multiple client environments and balancing delivery with operations.
  • Security & Cloud skills:
    • Familiarity with security concepts, cybersecurity frameworks such as NIST, MITRE ATT&CK, threat hunting and cyber threat intelligence.
    • Strong technical experience working in multi-cloud platforms, particularly Google Cloud.
    • Relevant industry certifications (e.g. CISSP, CISA, GCIH, GCIA, CompTIA Security+, CEH) are highly valued.
    • GCP Professional certifications like Security Engineer, Cloud Engineer/Architect are a strong plus.

You may not check every box, or your experience may look a little different from what we've outlined, but if you think you can bring value to Ford Motor Company, we encourage you to apply!

As an established global company, we offer the benefit of choice. You can choose what your Ford future will look like: will your story span the globe or keep you close to home? Will your career be a deep dive into what you love or a series of new teams and new skills? Will you be a leader, a changemaker, a technical expert, a culture builder or all of the above? No matter what you choose, we offer a work life that works for you, including:

  • Immediate medical, dental, vision and prescription drug coverage
  • Flexible family care days, paid parental leave, new parent ramp-up programs, subsidized back-up child care and more
  • Family building benefits including adoption and surrogacy expense reimbursement, fertility treatments and more
  • Vehicle discount program for employees and family members, and management leases
  • Tuition assistance
  • Established and active employee resource groups
  • Paid time off for individual and team community service
  • A generous schedule of paid holidays, including the week between Christmas and New Year's Day
  • Paid time off and the option to purchase additional vacation time.

For a detailed look at our benefits click here:
position is a range of salary grades 7-8.

Visa sponsorship is not available for this position.

Candidates for positions with Ford Motor Company must be legally authorized to work in the United States. Verification of employment eligibility will be required at the time of hire.

We are an Equal Opportunity Employer committed to a culturally diverse workforce. All qualified applicants will receive consideration for employment without regard to race, religion, color, age, sex, national origin, sexual orientation, gender identity, disability status or protected veteran the United States if you need a reasonable accommodation for the online application process due to a disability, please call 1-.

#LI-Hybrid



Employment Type

Full-Time
