Cyber Automation Analyst at Ford Global Career Site
Allen Park, Michigan, United States
Full Time


Start Date

Immediate

Expiry Date

15 Apr, 26

Salary

0.0

Posted On

15 Jan, 26

Experience

2 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

Cyber Security, Python Programming, SIEM Tools, Cloud Experience, Incident Response, Information Security, Networking Concepts, Operating Systems, Malware Management, Generative AI, Critical Thinking, Problem Solving, Technical Project Management, Cloud Technologies, Forensics Awareness, AGILE Framework

Industry

Motor Vehicle Manufacturing

Description
- Experience in understanding modern computing vulnerabilities, attack vectors and exploits is recommended
- Bachelor's degree in Computer Science, Information Technology or a related field, OR a combination of education and experience
- 2+ years of experience with SIEM tools, with preference for Google SecOps
- 2+ years of Cloud experience in GCP (preferred) / Azure development
- Highly capable Python programming skills focused on REST APIs for organizing and moving data across myriad platforms and tooling
- Strong deductive reasoning, critical thinking, problem solving, and prioritization skills
- Experience in a fast-paced, high-stress support environment; able to work with a sense of urgency and pay attention to detail
- Solid and demonstrable comprehension of Information Security, including malware, emerging threats, attacks, and vulnerability management
- 2+ years prior SOC operational experience
- Sound understanding of Cloud, TCP/IP and networking concepts
- In-depth knowledge of servers, clients, various computer peripherals, network and/or storage technologies
- Thorough knowledge of multiple operating systems, specifically Windows and (Mac or Linux)
- Awareness of computer forensics as a discipline a plus
- Familiar with Ford Computing Infrastructure and application development life cycle (SDM)
- Demonstrate high level of independent initiative, drive for results, quality methods and integrity
- Create, enhance, and tune curated and custom SIEM/EDR threat detections
- Develop and implement in Python SOAR orchestration to integrate logs, events, data feeds, execute Incident Response actions, etc.
- Partner with IT Operations teams for current and future log source ingestion and parsing into SIEM and SOAR environments
- Technical project management for software upgrades and maintenance using the AGILE framework
- Engineer and deploy sophisticated security detection solutions, including the creation of agentic AI to assist in security incident triage and remediation, leveraging expertise in Generative AI (GenAI), Large Language Models (LLMs), and Retrieval-Augmented Generation (RAG), while ensuring adherence to and implementation of Model Context Protocol (MCP) for secure and reliable model operations
- Established and active employee resource groups
Responsibilities
The Cyber Automation Analyst will create, enhance, and tune SIEM/EDR threat detections and develop SOAR orchestration in Python. They will partner with IT Operations teams for log source ingestion and engineer sophisticated security detection solutions.