Senior Software Engineer PKI

We are the movers of the world and the makers of the future. We get up every day roll up our sleeves and build a better world -- together. At Ford were all a part of something bigger than ourselves. Are you ready to change the way the world moves

The Product Cybersecurity PKI & Key Management Security Services team generates distributes stores and manages lifecycle for the cryptographic keys in the vehicle product ecosystem. This includes developing and maintaining in-house APIs and web services to provide confidentiality integrity and authenticity protection for various use cases and features in the product ecosystem.

The team is directly engaged with the entire end-to-end solution for Vehicle Products and ecosystem providing key management PKI certificate lifecycle management and relative security services that support everything from ECU manufacturing to customer facing features.

In addition to managing the product ecosystem cryptographic keys the team develops and maintains various security API services built on the foundation and usage of cryptographic keys including vehicle secure messaging from cloud software signing UDS diagnostics EV charging and more. Our infrastructure cloud and on-premises servers and hardware security modules (HSM) running our services and powering our product PKI.

We are seeking an exceptional Senior Software Engineer specializing in Public Key Infrastructure (PKI) Key Management and secure API services to own the end-to-end lifecycle of mission-critical cryptographic systems.

What youll do...

• End-to-End Ownership: Lead the full lifecycle of PKI and Key Management API services supporting our vehicle products and ecosystem lead customer requirements gathering architecture design implementation testing deployment monitoring and post-launch support.
• Design and develop RESTful APIs and web services that are robust secure and scalable for various features and use cases: CRL/OCSP ACME Certificate Issuance message encryption/decryption software signing key rotation and certificate lifecycle management HSM integration with PKCS11 CCC. Implement access control methods that enforce least privilege access principles using OAuth or mTLS.
• Cryptographic Engineering: Implement and harden PKI and key services with deep knowledge of PKI industry standards X.509 PKCS standards elliptic curve cryptography (ECC) and RSA post-quantum readiness and hardware security module CSP integration. Apply hybrid encryption techniques with AES. Define and enforce PKI certificate policies and certificate profiles.
• Secure Systems Architecture: Design fault-tolerant highly available PKI services with zero-downtime issuance disaster recovery and multi-region replication.
• Infrastructure and CI/CD Integration: Release and Deploy your apps through build server CI/CD pipeline and infrastructure involving on-premises and cloud Kubernetes
• Security & Compliance: Monitor and address findings regularly in code base through SAST DAST software quality and security vulnerability scanning.
• Monitoring and Response: Actively assist in monitoring our systems and performing root cause analysis to address issues quickly. Implement robust application logging and integration with Splunk and security monitoring systems.
• Define and lead best practices for our software development process perform code reviews and mentor engineers while remaining hands-on in the codebase.
• Working with ECU embedded development teams to understand embedded architecture requirements and the best approach of key management for each ECU.
• Authoring and managing technical cybersecurity requirements and process documentation

Youll have...

• Bachelors degree in Computer Science or related OR a combination of education and experience
• 5 years in proficiency of software engineering and secure coding practices using object oriented programming including C#/C Standard

  • Strong knowledge and applicability of software architecture development methodologies and design principles including test-driven development

  • Outstanding software testing skills that results in lasting quality solutions that scale

  • Proficient version control of development and release branches in Git
  • Proven track record of owning customer-facing products from ideation to general acceptance and flexibility to manage multiple projects and deliverables throughout lifecycle.
• 3 years deploying and maintaining cloud infrastructure with Kubernetes or OpenShift and managing database instances (SQL Postgres Redis MongoDB)
• 3 years developing and maintaining production PKI systems and cryptographic APIs.
  • Experience and deep understanding of industry security standards and applying them in our software solutions and processes including NIST OWASP and relevant ISO and IEEE standards.

  • Application of Identity and Access Management principles in software services across varying infrastructures including OAuth JWT mTLS

  • Excellent understanding and application of cybersecurity algorithms standards and strategies including RSA ECC EdDSA AES TLS X.509 PKCS#11 ACME OCSP CRL HSM integration (Thales YubiHSM AWS CloudHSM GCP KMS)

  • Strong knowledge of PKI and Key Management best practices. Ability to justify asymmetric vs symmetric keying strategies chosen.

Even better you may have...

• Familiarity with in-vehicle network architecture modules and protocols (CAN embedded architecture) are a plus.

You may not check every box or your experience may look a little different from what weve outlined but if you think you can bring value to Ford Motor Company we encourage you to apply!

As an established global company we offer the benefit of choice. You can choose what your Ford future will look like: will your story span the globe or keep you close to home Will your career be a deep dive into what you love or a series of new teams and new skills Will you be a leader a changemaker a technical expert a culture builderor all of the above No matter what you choose we offer a work life that works for you including:

Immediate medical dental vision and prescription drug coverage

Flexible family care days paid parental leave new parent ramp-up programs subsidized back-up child care and more

Family building benefits including adoption and surrogacy expense reimbursement fertility treatments and more

Vehicle discount program for employees and family members and management leases

Tuition assistance

Established and active employee resource groups

Paid time off for individual and team community service

A generous schedule of paid holidays including the week between Christmas and New Years Day

Paid time off and the option to purchase additional vacation time.

For a detailed look at our benefits click here:

position is a range of salary grades 7-8.

*Note: This is a hybrid role you are expected to relocate if you are not within commutable distance and responsible to be on site 4 days a week

Visa sponsorship is not available for this position.

Candidates for positions with Ford Motor Company must be legally authorized to work in the United States. Verification of employment eligibility will be required at the time of hire.

We are an Equal Opportunity Employer committed to a culturally diverse workforce. All qualified applicants will receive consideration for employment without regard to race religion color age sex national origin sexual orientation gender identity disability status or protected veteran the United States if you need a reasonable accommodation for the online application process due to a disability please call 1-.

#LI-Hybrid