DevSecOps Security Engineer
Mexico City, MEX, Mexico
Ford Motor Company
Since 1903, we have helped to build a better world for the people and communities that we serve. Welcome to Ford Motor Company.Ford Motor Company is an Equal Opportunity Employer, as we are committed with a diverse workforce, and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity and/or expression, status as a veteran and basis of disability.
The DevSecOps Security engineer ensures that every step of the software development lifecycle (SDLC) follows security best practices. They are also responsible for adhering to secure coding principles and aid in testing the application against security risks/parameters before release.- Able to work well with software development teams.
- Experience identifying security issues through code review.
- Excellent and professional communication skills (written and verbal) with an ability to articulate complex topics in a clear and concise manner.
- Familiarity with some common security libraries and tools (e.g. static analysis tools, proxying / penetration testing tools).
- Familiarity and ability to explain common security flaws and ways to address them (e.g. OWASP Top 10).
- Experience in integrating, monitoring and improving DevSecOps tools and processes, automate routine tasks and improve system reliability
- Basic development or scripting experience and skills.
- A basic understanding of network and web related protocols (such as TCP/IP, UDP, HTTP, HTTPS, protocols)
- Designing and implementing Zero Trust Security model, automated enforcement, and monitoring of security controls, vulnerability management, code based compliance and gate reviews, platform based security controls and guardrails
- Perform security-focused code reviews
- Assist teams in reproducing, triaging, and addressing application security vulnerabilities.
- Knowledge of Risk mitigation techniques and fixing the code bugs
- Monitoring the processes during the entire lifecycle for its adherence and updating or creating new processes for improvement
- Support and consult with product and development teams in the area of application security
- Identifying and deploying cybersecurity measures by continuously performing vulnerability assessment and risk management
- Providing security training and outreach to internal development teams
- Mentoring, guiding team members and customers
- Monitoring, measuring customer experience and KPIs
- English proficiency (written and verbal)
- Bachelor (undergraduate) degree in a relevant field (Computer Science, Software Engineer, Security, or others) OR an equivalent combination of education, training, and experience
- + 3 years of professional experience with any combination of at least 2 technical disciplines, including the following: DevSecOps, cloud security, network security, application security, mobile security, secure development methodologies, software development and coding, identity management, authentication and authorization, network architecture, system administration, and systems engineering
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security Cloud Compliance Computer Science DevSecOps KPIs Mobile security Monitoring Network security OWASP Pentesting Risk management Scripting SDLC TCP/IP Vulnerabilities Vulnerability management Zero Trust
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open Staff Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Specialist jobs
- Open Security Operations Analyst jobs
- Open Sr. Security Engineer jobs
- Open Security Consultant jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open ISO 27001-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Malware-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open APIs-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open SaaS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open IDS-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs