Enterprise Cyber Security Supervisor

Skillset required:

• Knowledge of cyber security framework and industry standards (NIST CSF, ISO27001/2, OWASP, etc.), IT Risk Assessment, Threat Modeling, Control Gap Management
• Assist teams in triaging and addressing security vulnerabilities
• Knowledge on best practices for IAM flows and grant types, OAuth2, OIDC and SAML standards
• Experience with API security best practices to protect sensitive data and services
• Knowledge and experience using crypto algorithms and functions to build secure solutions
• Familiarity and ability to explain common security flaws and ways to address them (e.g. OWASP Top 10)
• Experience mentoring and coaching team members to develop and acquire cyber skills
• Strong knowledge of DevSecOps, Agile Principles, and security policies. 

Position responsibilities include:

• Providing policy and risk-based consultation to enterprise customers ensuring a robust cybersecurity posture for applications and services hosted on-premises, private cloud or SaaS.
• Evaluate security vulnerabilities, assess risk, and implement solutions to defend against threats to enterprise assets
• Performing control assessment for critical enterprise assets and SaaS solutions to ensure Ford data is adequately secured.  Help business owners to assess the security posture of Outside Service Providers
• Collaborate with other cyber services to provide best-in-class consultation and support to enterprise customers. 
• Reporting cyber security metrics by defining and tracking key performance indicators (KPIs)
• Establishing robust engagement and communication channels to provide timely and quality response 

Qualifications required:

• Bachelor (undergraduate) degree in a relevant field (Computer Science, Software Engineer, Security, or others) OR an equivalent combination of education, training, and experience
• Experience leading a major work stream or regional program initiative, providing technical guidance and advice to ensure consistent deployment of solutions
• Minimum of 8 years of professional experience with any combination of at least two of the following technical disciplines: application security, DevSecOps methodologies, identity and access management, solutions architect, cloud security, software development / coding and IT infrastructure management.
• Cyber Security certifications (CISA, CISSP, ISO 27001 etc.) is desired

DISCLAIMER:
Ford Motor Company is an Equal Opportunity Employer, as we are committed with a diverse workforce, and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity and/or expression, status as a veteran and basis of disability.
 

At Ford Motor Company, we believe freedom of movement drives human progress. With our incredible plans for the future of mobility, we have a wide variety of opportunities for you to accelerate your career and help us define tomorrow’s transportation.