• Cyber Automation Analyst

    Ford Motor Company (Allen Park, MI)


    At Ford Motor Company, we believe freedom of movement drives human progress. We also believe in providing you with the freedom to define and realize your dreams. With our incredible plans for the future of mobility, we have a wide variety of opportunities for you to accelerate your career potential as you help us define tomorrow’s transportation.

     

    This role will be focused on operating and improving Ford’s Cyber Defense Center (CDC) efforts within the Office of the CETO organization. The CDC mission is to provide proactive and reactive security services to protect Ford Motor Company Global digital information assets from compromise. Ford Motor Company must be able to respond to information security-related incidents in a manner that protects corporate information and ensures the protection of additional information which might be affected by the incident. The Threat Integration Analyst is focused on integrating threat and intelligence information across Ford’s security landscape including SIEM, SOAR, EDR, Intelligence, and other tools in order to protect any Ford Motor Company asset or asset of any subsidiary or joint venture worldwide.

     

    Successful candidates must have a significant interest in the Cyber Defense background. The candidate should display strong technical depth that spans cloud, network, and hosts. Experience in understanding modern computing vulnerabilities, attack vectors and exploits is recommended. Leadership behaviors must include solid oral and written communications skills, focus on teamwork, and a high level of personal integrity. In this role, candidate will understand existing and emerging threat actors, and be able to identify rapidly changing tools, tactics, and procedures of attacks.

     

    Candidates must be willing to work a Hybrid work pattern, with a currently limited in-office schedule in the southeast Michigan metro area and in some cases a full-time remote option.

    What you’ll be able to do:

    + Create, enhance, and tune curated and custom SIEM/EDR threat detections

    + Develop and implement in Python SOAR orchestration to integrate logs, events, data feeds, execute Incident Response actions, etc.

    + Partner with IT Operations teams for current and future log source ingestion and parsing into SIEM and SOAR environments

    + Technical project management for software upgrades and maintenance using the AGILE framework

    + Engineer and deploy sophisticated security detection solutions, including the creation of agentic AI to assist in security incident triage and remediation, leveraging expertise in Generative AI (GenAI), Large Language Models (LLMs), and Retrieval-Augmented Generation (RAG), while ensuring adherence to and implementation of Model Context Protocol (MCP) for secure and reliable model operations.

     

    You'll have...

     

    + Bachelor’s degree in a Computer Science, Information Technology or related field OR a combination of education and experience

    + 2+ years of experience with SIEM tools with preference for Google SecOps

    + 2+ years of Cloud experience in GCP (preferred) / Azure development

    + Highly capable Python programming skills focused on Rest API’s for organizing and moving data across myriad platforms and tooling

    + Strong deductive reasoning, critical thinking, problem solving, and prioritization skills.

    + Experience in a fast paced, high stress, support environment, able to work with a sense of urgency and pay attention to detail

    + Solid and demonstrable comprehension of Information Security including malware, emerging threats, attacks, and vulnerability management.

     

    Even better, you may have...

     

    + 2+ years prior SOC operational experience

    + Sound understanding of Cloud, TCP/IP and networking concepts.

    + In depth knowledge of servers, clients, various computer peripherals, network and/or Storage technologies

    + Thorough knowledge of multiple operating systems specifically Windows and (Mac or Linux)

    + Awareness of computer forensics as a discipline a plus

    + Familiar with Ford Computing Infrastructure and application development life cycle (SDM)

    + Demonstrate high level of independent initiative, drive for results, quality methods and integrity

    **What you’ll receive in return** :

     

    You may not check every box, or your experience may look a little different from what we've outlined, but if you think you can bring value to Ford Motor Company, we encourage you to apply!

     

    As an established global company, we offer the benefit of choice. You can choose what your Ford future will look like: will your story span the globe, or keep you close to home? Will your career be a deep dive into what you love, or a series of new teams and new skills? Will you be a leader, a changemaker, a technical expert, a culture builder…or all of the above? No matter what you choose, we offer a work life that works for you, including:

     

    Immediate medical, dental, vision and prescription drug coverage

    Flexible family care days, paid parental leave, new parent ramp-up programs, subsidized back-up child care and more

    Family building benefits including adoption and surrogacy expense reimbursement, fertility treatments, and more

    Vehicle discount program for employees and family members and management leases

    Tuition assistance

    Established and active employee resource groups

    Paid time off for individual and team community service

    A generous schedule of paid holidays, including the week between Christmas and New Year’s Day

    Paid time off and the option to purchase additional vacation time.

     

    For a detailed look at our benefits, click here: https://fordcareers.co/GSR-HTHD

     

    This position is a range of salary grades 6-7.

     

    *Note: This is a hybrid role, you are expected to relocate if you are not within commutable distance, and responsible to be on site 4 days a week

     

    Visa sponsorship is **not** available for this position.

     

    Candidates for positions with Ford Motor Company must be legally authorized to work in the United States. Verification of employment eligibility will be required at the time of hire.

     

    We are an Equal Opportunity Employer committed to a culturally diverse workforce. All qualified applicants will receive consideration for employment without regard to race, religion, color, age, sex, national origin, sexual orientation, gender identity, disability status or protected veteran status. In the United States, if you need a reasonable accommodation for the online application process due to a disability, please call 1-888-336-0660.

    \#LI-Hybrid

    **Requisition ID** : 56630