Enterprise Cyber Security Analyst
Ford Motor Company
full-time
Posted on:
Location Type: Hybrid
Location: Naucalpan de Juárez • 🇲🇽 Mexico
Visit company websiteJob Level
JuniorMid-Level
Tech Stack
CloudCyber Security
About the role
- Serve as a subject matter expert, providing policy and risk-based consultation to enterprise customers, ensuring consistent adherence to regulatory requirements and best practices across all operations.
- Manage and drive critical cybersecurity projects from inception to completion, focusing on initiatives that improve internal customer experience by delivering user-centric security solutions and streamlining security processes.
- Act as a dedicated resource for Outside Service Provider (OSP) compliance, guiding business owners on company policy requirements and assisting in assessing the security posture of third-party vendors to minimize potential disruptions.
- Conduct high-risk Application and Infrastructure Governance, Risk, and Compliance (GRC) component assessments, identifying potential vulnerabilities, ensuring control implementation, and recommending mitigation strategies across various technologies.
- Support enterprise-level cybersecurity awareness initiatives, strengthening employee security awareness and empowering them as the first line of defense.
- Manage the full lifecycle of security vulnerabilities, including assisting teams with triage and analysis, evaluating associated risks, and implementing effective remediation strategies to defend against threats to enterprise assets.
- Collaborate with other cyber services to provide best-in-class consultation and support to enterprise customers.
- Reporting cyber security metrics by tracking key performance indicators (KPIs).
- Establishing robust engagement and communication channels to provide timely and quality response.
Requirements
- Bachelor's degree in a relevant field (e.g., Computer Science, Cybersecurity, Software Engineering, Information Security) or an equivalent combination of education, training, and experience.
- Minimum of 2-3 years of professional experience in IT (e.g., application development, infrastructure management), coupled with a strong desire and demonstrated aptitude for a career in cybersecurity.
- Minimum of 2 years of professional experience in one or more of the following technical disciplines:
- Third-party Risk Assessment
- Vulnerabilities Assessments
- Cybersecurity Consultation
- Cybersecurity Auditing
- Software Development and Coding (with a security focus)
- Application Security
- DevSecOps Methodologies
- Identity and Access Management (IAM)
- Cloud Security
- Security Operations and Incident Response
- Knowledge of cybersecurity frameworks and industry standards (e.g., NIST CSF, ISO 27001/2, OWASP).
- Familiarity with Threat Modeling and IT Risk Assessment methodologies.
- Knowledge of best practices for IAM flows, grant types, OAuth2, OIDC, and SAML standards.
- Experience with API security best practices to protect sensitive data and services.
- Knowledge of cryptographic algorithms and functions for building secure solutions.
- Familiarity with common security flaws and effective remediation strategies (e.g., OWASP Top 10).
- Understanding of DevSecOps principles, agile methodologies, and security policies.
Benefits
- Health insurance
- Retirement plans
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
Third-party Risk AssessmentVulnerabilities AssessmentsCybersecurity ConsultationCybersecurity AuditingSoftware DevelopmentApplication SecurityDevSecOps MethodologiesIdentity and Access ManagementCloud SecuritySecurity Operations
Soft skills
communicationconsultationproject managementrisk assessmentemployee trainingcollaborationproblem-solvingcustomer experience focusengagementtimely response