Software Engineer

This role will be focused on operating and improving Ford Motor Company Enterprise Vulnerability Management (EVM) efforts. Drive security vulnerability identification and assessment/rating, remediation requirements, secure computing practices, and application security (DAST, SAST, SCM). Daily monitoring of multiple information sources to process threat intelligence data regarding the release of security patches and mitigations of exploitable traits in software. Decision-making capability involving knowledge of software used in the Ford environment (in various active states), familiarity with exploitable traits and personal judgment in order to provide effective patch and mitigation evaluation. Provide cyber security consultation and direction to IT and business organizations. Coordinate cyber security requirements across business organizations and recognize common needs with potential for strategic solutions. Develop and keep up to date runbooks, Standard Operating Procedures, and collaboration tools. Develop and track metrics to measure and report performance. 

This role will be focused on operating and improving Ford Motor Company Enterprise Vulnerability Management (EVM) efforts. Drive security vulnerability identification and assessment/rating, remediation requirements, secure computing practices, and application security (DAST, SAST, SCM). Daily monitoring of multiple information sources to process threat intelligence data regarding the release of security patches and mitigations of exploitable traits in software. Decision-making capability involving knowledge of software used in the Ford environment (in various active states), familiarity with exploitable traits and personal judgment in order to provide effective patch and mitigation evaluation. Provide cyber security consultation and direction to IT and business organizations. Coordinate cyber security requirements across business organizations and recognize common needs with potential for strategic solutions. Develop and keep up to date runbooks, Standard Operating Procedures, and collaboration tools. Develop and track metrics to measure and report performance. 

Required Skills 

The ability to collaborate with a globally located and diverse team of cybersecurity professionals working across organizational boundaries to protect Ford Motor Company. Strong written and verbal communication and organizational skills. Ability to work independently, follow a disciplined approach, and have an analytical mindset. Ability to work well in a small team and be flexible enough to work on any aspect of the team's needs. General understanding and awareness of vulnerability management processes, incident management procedures, and common exploit methods.

Desired Skills 

General understanding of emerging technology areas a plus (cloud, social media, mobility, big data, connected vehicle) and their implications in regard to cybersecurity.  Ability to quickly gain familiarity with  Ford IT Asset management systems.  Familiarity with analytics tools such as Qlik Sense/Dashboards is very desired. Knowledge of vulnerability scanning and penetration testing tools including QVM, Nessus, Qualys, Burp Suite and others. Programming skills including Python focused on scripting and automation. 

Requirement to work in shifts: 2-11:30 PM

Basic Qualifications:

• Bachelor’s Degree (Computer Science or related)
• 2+ Years of relevant experience in Cyber Vulnerability Management roles

Industry Certifications: 

Good to have relevant certifications like CEH, CompTIA Pentest+, CISSP, GIAC GEVA, GCIH, OSCP