Cybersecurity Architect
Carrier
CloudCyber SecuritySDLC
Embedded Cybersecurity Engineer
Ford Motor Company
full-time
Posted on:
Origin: • 🇺🇸 United States
Visit company websiteJob Level
Mid-LevelSenior
Tech Stack
Cyber SecurityIoT
About the role
- Serve a key role in shaping product development security for Ford vehicles (Next-Gen Network Architecture, Diagnostics, Autonomous Vehicle, Ford Smart Mobility, Offensive Security Analysis)
- Contribute to team owning the security posture of embedded modules across Ford's product portfolio
- Integrate existing cybersecurity requirements into emerging products and assess/mitigate risks for future product development initiatives
- Perform assessments on content supporting Ford's product lines
- Deliver compliance reviews on features, functions, platforms, and modules per Ford Cybersecurity engineering process and standards such as ISO 21434 / R155
- Identify and engineer applicable cybersecurity requirements into product design and development lifecycle from ideation to testing with required deliverables
- Review and approve/reject supplier deliverables for conformance with cybersecurity requirements
- Work with content owners to manage progression through development to ensure security by design from inception
- Ensure systems are designed using threat analysis, risk assessment, adoption of security requirements, security audits, and vehicle ecosystem assessments
- Develop and utilize global supplier expertise to meet cyber security expectations
- Create and deliver risk reviews to management for concerns not mitigated through controls
- Support the re-use model in the CSMS to reduce reapplication of work across vehicle programs
Requirements
- Bachelor’s degree in Computer Science, Computer Engineering, or related domains OR a combination of education and experience
- 5+ years of experience with embedded, IoT and/or product systems Cybersecurity
- Functional knowledge of cryptographic controls and strategies for their application
- Experience with security system engineering, development, and testing
- Experience developing and maintaining engineering documentation including requirements, specifications, test plans, etc.
- Self-starter with ability to work independently and collaboratively
- Strong communication and analytical skills
- Certified in CISSP or Security+ (preferred)
- Relevant experience with vulnerability assessment management (preferred)
- History with threat modeling using industry standards such as MITRE ATT&CK or STRIDE (preferred)
- Candidates must be legally authorized to work in the United States; verification of employment eligibility will be required at time of hire
