Cyber Defense Analyst

Dearborn, MI, United States

Ford Motor Company

Since 1903, we have helped to build a better world for the people and communities that we serve. Welcome to Ford Motor Company.

We are the movers of the world and the makers of the future. We get up every day, roll up our sleeves and build a better world -- together. At Ford, we’re all a part of something bigger than ourselves. Are you ready to change the way the world moves? 

Enterprise Technology plays a critical part in shaping the future of mobility. If you’re looking for the chance to leverage advanced technology to redefine the transportation landscape, enhance the customer experience and improve people’s lives, this is the opportunity for you. Join us and challenge your IT expertise and analytical skills to help create vehicles that are as smart as you are.

This position is for a Cyber Defense Center (CDC) Detection Analyst specializing in initial threat triage. The Detection Analyst role involves swiftly assessing and prioritizing security incidents to determine their severity and potential impact. You will be responsible for promptly identifying and investigating various threats, initiating timely response actions, and escalating to appropriate teams for further investigation and/or remediation.

Candidates must be open to a hybrid work arrangement with a limited in-office presence in the southeast Michigan metro area. Additionally, candidates must be willing to work at least 1 weekend per calendar quarter. For those weeks, only when you’re Shift Lead, you work the 11am-8pm shift during Eastern Daylight Saving Time and the 10am-7pm shift during Eastern Standard Time.

What you'll do...

  • Perform initial triage of various security incidents to determine if a threat applies to Ford including phishing, malicious software, hostile probes, information theft, and misuse of computing facilities
    • Conduct daily analysis on the aforementioned incidents using a range of tools such as SIEM, EDR, IDS/IPS, Cloud, and Sandbox analysis
    • Collaborate with internal and customer teams to investigate and contain incidents
  • Respond to cyber security queries received from Ford personnel
  • Adhere to various playbooks/procedures to provide consistent and repeatable methods to resolve security incidents
  • Effectively document investigation details for both technical and non-technical audiences
  • Recognize attacker Tools, Techniques, and Procedures (TTPs) and Indicators of Compromise (IOCs) that apply to current and future investigations
  • Support Shift Lead rotation at least once per calendar quarter
  • Keep up to date with emerging cybersecurity threats to proactively prevent potential attacks and improve Ford’s cyber security posture

You'll have...

  • Bachelor’s degree in Computer Science or a related field
  • 2+ years of experience with SIEM tools and/or reviewing system log files, data correlation, and analysis (e.g. firewall, network flow, system logs, IDS)
  • 2+ years of experience in customer service including the resolution of escalations, incident handling, and response
  • In-depth knowledge of servers, clients, various computer peripherals, network and/or storage technologies with various operating systems including Windows, Linux, and Mac
  • Experience in a fast-paced, high-stress support environment, able to work with a sense of urgency and attention to detail
  • Must work well with others including peers and end-users
  • Strong interest in cyber security with an eagerness and willingness to learn
  • Strong deductive reasoning, critical and analytical thinking, problem solving, and prioritization skills
  • Disciplined approach utilized when completing work and adhering to procedure
  • Strong oral and written communications skills – able and willing to communicate technical items in non-technical terms
  • Demonstrate high level of independent initiative, drive for results and commitment to integrity
  • Ability to concurrently work on multiple assignments/projects and complete on schedule with high quality

Even better, you may have...

  • 2+ years of Cyber Security experience
  • 2+ years Cloud experience in Google Cloud Platform (GCP) or Microsoft Azure
  • Familiar with Ford Computing Infrastructure and application development life cycle (SDM) 
  • Scripting abilities (Python, PowerShell, Bash/Shell, SQL)
  • GIAC, CEH, CISSP or other related security certifications
  • Candidate who prefers to work later hours to support NA shift (10am-7pm, 9am-6pm, or 11am-8pm EST)

You may not check every box, or your experience may look a little different from what we've outlined, but if you think you can bring value to Ford Motor Company, we encourage you to apply!

As an established global company, we offer the benefit of choice. You can choose what your Ford future will look like: will your story span the globe, or keep you close to home? Will your career be a deep dive into what you love, or a series of new teams and new skills? Will you be a leader, a changemaker, a technical expert, a culture builder…or all of the above? No matter what you choose, we offer a work life that works for you, including:

• Immediate medical, dental, vision and prescription drug coverage

• Flexible family care days, paid parental leave, new parent ramp-up programs, subsidized back-up child care and more

• Family building benefits including adoption and surrogacy expense reimbursement, fertility treatments, and more

• Vehicle discount program for employees and family members and management leases

• Tuition assistance

• Established and active employee resource groups

• Paid time off for individual and team community service

• A generous schedule of paid holidays, including the week between Christmas and New Year’s Day

• Paid time off and the option to purchase additional vacation time.

For a detailed look at our benefits, click here:
https://corporate.ford.com/content/dam/corporate/us/en-us/documents/careers/2024-benefits-and-comp-GSR-sal-plan-2.pdf

Visa sponsorship is not available for this position. 
 

Candidates for positions with Ford Motor Company must be legally authorized to work in the United States. Verification of employment eligibility will be required at the time of hire.

We are an Equal Opportunity Employer committed to a culturally diverse workforce. All qualified applicants will receive consideration for employment without regard to race, religion, color, age, sex, national origin, sexual orientation, gender identity, disability status or protected veteran status. In the United States, if you need a reasonable accommodation for the online application process due to a disability, please call 1-888-336-0660.

Category: Analyst Jobs

Tags: Azure Bash CEH CISSP Cloud Computer Science Cyber defense EDR Firewalls GCP GIAC IDS IPS Linux Log files PowerShell Python Scripting SIEM SQL TTPs Windows

Perks/benefits: Career development Fertility benefits Flex hours Flex vacation Health care Medical leave Parental leave

Region: North America
Country: United States
