Ford Motor CompanyRemote
Senior Cybersecurity Platform Engineer
United States
Full Time
1 hour ago
No H1B
Key skills
PythonBashPowerShellAIMLAWSAzureGCPTerraformKubernetesDockerAnsibleSplunkServiceNowJiraAgileRisk ManagementCommunicationPenetration TestingNetwork SecurityCloud SecurityZero Trust
About this role
Ford Motor Company is a global leader in mobility and technology, aiming to redefine transportation and enhance customer experiences. The Senior Cybersecurity Platform Engineer will design, implement, and maintain security platforms that support enterprise cybersecurity operations, focusing on AI security and automation.
Responsibilities:
- Design, implement, maintain, and improve security platforms and tools that protect the organization’s IT infrastructure
- Optimize security technologies to detect, prevent, and respond to security threats in real time
- Collaborate with engineering, IT, and security operations teams to deploy and support enterprise cybersecurity platforms and solutions
- Secure in-house and public AI and ML/DL systems against cyber threats, adversarial attacks, and data breaches across the solution lifecycle
- Design and implement robust security platforms supporting enterprise security needs (e.g., unified telemetry pipeline like BindPlane, SIEM like QRadar, SecOps, and AI security)
- Define and maintain guidelines and controls to secure AI systems, including data protection, model security, and compliance requirements
- Apply established frameworks as references/baselines (e.g., Google Secure AI Framework (SAIF), NIST AI Risk Management Framework, Framework for AI Cybersecurity Practices (FAICP))
- Identify, assess, and mitigate AI-specific security risks (adversarial attacks, data poisoning, model inversion, unauthorized access)
- Conduct vulnerability assessments and penetration testing on AI models and data pipelines
- Ensure AI data is encrypted, anonymized, and securely stored
- Implement access controls for sensitive AI data and models (RBAC, ABAC, Zero Trust)
- Protect AI models from tampering, theft, and adversarial manipulation during training and deployment
- Monitor and log AI system activity for anomalies and security incidents
- Develop and enforce policies to align AI systems with industry regulations, ethical standards, and organizational governance requirements
- Develop automated workflows and scripts to enhance security platform functionality and scalability, improving operational efficiency
- Manage timely patching and upgrades to security tools and systems to reduce downtime and minimize vulnerabilities
- Configure alerting systems for security threats and enable real-time monitoring for observability
- Partner with incident response teams to identify, contain, and mitigate security incidents
- Support root cause analysis to improve security posture and prevent repeat breaches
- Optimize security tools and platforms for performance and effectiveness while meeting compliance and organizational requirements
- Maintain documentation for platform configurations, AI services and capabilities, troubleshooting guides, and operational procedures
Requirements:
- Bachelor's degree in Computer Science, Information Security, or related field OR a combination of education and experience
- 5+ years of experience in security engineering, platform engineering, and AI/ML, including experience in large, complex environments, such as:
- Managing security platforms and tools in enterprise environments
- Telemetry pipeline platforms (e.g., BindPlane), SIEM (e.g., Splunk, QRadar), and vulnerability management tools
- Scripting and automation (Python, PowerShell, and/or Bash)
- Infrastructure as Code (Terraform, Ansible)
- Cloud security tools and platforms (GCP, AWS, Azure)
- Container security (Docker, Kubernetes)
- Networking protocols, firewalls, and network security best practices
- AI/ML concepts, architectures, and AI security challenges
- AI threat areas (adversarial attacks, data poisoning, model inversion, unauthorized access)
- Vulnerability assessment and penetration testing on AI models and data pipelines
- Data protection techniques (encryption, anonymization, secure storage) and secure access management (RBAC, ABAC, Zero Trust)
- Incident response, monitoring tools, and threat intelligence platforms
- Security frameworks and compliance references (SAIF, NIST, FAICP)
- ITSM processes and tools (ServiceNow) and delivery practices/tools (Agile, JIRA)
- Master's degree in Computer Science, Information Security, or related field
- Understanding of cloud AI/ML services and deployment pipelines
- CISSP (Certified Information Systems Security Professional)
- CCSP (Certified Cloud Security Professional)
- Preferred certifications such as CAISF, AICERTs, AI for Cybersecurity Specialization, or equivalent
- GCP cloud certification or equivalent in AWS or Azure (preferred)
- Additional cybersecurity certificates (preferred)
- Excellent communication and documentation skills for policy development and stakeholder engagement