Jobs · Information Technology · Michigan

Offboard Cybersecurity Technical Specialist

Ford Motor Company · Dearborn, MI · 1 wk ago
HybridInformation Technology$133k–$251k/yrFull-time

About the role

The Offboard Cybersecurity organization at Ford Motor Company protects various aspects of our digital ecosystem, including mobile and web applications, APIs, cloud services, connected platforms, charging and energy infrastructure, partner integrations, and cryptographic trust services. This role involves providing technical leadership and hands-on guidance across these areas, collaborating with multiple teams, and shaping how Ford secures its offboard product ecosystem.

Responsibilities

  • Act as a liaison to other pillars in the Product Cybersecurity department, ensuring offboard cybersecurity is represented in and connected to department-wide processes, standards, tool engagements, and decision points.
  • Deliver practical, technically grounded recommendations to product teams and leadership, helping them make risk-based tradeoff decisions that fit how their systems actually work.
  • Translate technical insight into standards, requirements, and training, contributing to discoverable, practical guidance.
  • Support cross-pillar initiatives including: ASPM and tool integrations, cryptographic standards, security deliverable improvements, and risk management.
  • Mentor and upskill engineers across the offboard space, sharing technical security expertise, coaching team members on assessment and testing techniques, and helping raise the overall security capability and consistency across the API Security, AppSec, Charging, and PKI/KMS pillars.
  • Evaluate new and emerging technologies and assess how to securely bring them into Ford's offboard environment, working across department boundaries to do so.
  • Support threat modeling for complex systems, features, and integrations, including API AuthN/AuthZ flows, charging use cases (Plug & Charge, V2G), and cryptographic trust services, contributing technical depth to threat models led by others.
  • Take on complex technical problems across the offboard space, working alongside the relevant cybersecurity engineer to investigate options, and drive toward practical solutions.
  • Support cybersecurity engineers in the development of reusable, practical, and secure usage patterns for new and emerging technologies in the Offboard product space.
  • Collaborate with the monitoring team to analyze security trends across the offboard space and help define concrete actions and improvements in response.
  • Support the development of SOC detectors by bringing a deep understanding of underlying technologies and identifying potential areas of risk and concern that should be detected and monitored.
  • Stay current in new technologies, tools, and ideas, continuously building expertise to keep Ford's offboard security guidance relevant and forward-looking.
  • Participate in external working groups related to offboard cybersecurity technologies and initiatives, bringing industry insight back into Ford and representing Ford's perspective where appropriate.

Requirements

  • Bachelor’s degree in Cybersecurity, Computer Science, Software Engineering, Electrical Engineering, Information Technology, or a related technical field OR a combination of education and experience.
  • 7+ years of experience in cybersecurity, security engineering, product security, application security, cloud security, API security, automotive cybersecurity, IoT security, or a related technical security domain.
  • Experience serving in a senior technical capacity, including mentoring engineers, guiding technical decision-making, influencing architecture or design direction, and driving cross-functional security work.
  • Strong understanding of application, API, cloud, and integration security concepts, including secure design, identity, authentication, authorization, access control, data protection, and secure software delivery practices.
  • Strong understanding of network security, communication protocols, TLS, PKI, certificate management, key management, encryption, digital signatures, and related cryptographic principles.
  • Experience performing security architecture reviews, design reviews, threat modeling, or risk assessments for complex systems, products, platforms, or integrations.
  • Ability to translate complex technical security risks into practical recommendations, reusable guidance, standards, or secure implementation patterns.
  • Strong communication and collaboration skills, with the ability to work effectively across cybersecurity, product, engineering, architecture, operations, compliance, and monitoring/SOC teams.
  • Ability to evaluate emerging technologies and define practical, risk-based approaches for secure adoption.
  • Strong executive and technical communication skills, with the ability to explain nuanced security risks, tradeoffs, and recommendations to both engineering teams and leadership.

Qualifications

  • Master’s degree in Cybersecurity, Computer Science, Software Engineering, Electrical Engineering, or another relevant technical field.
  • Hands-on experience securing REST APIs, mobile applications, web applications, cloud-native services, microservices, identity platforms, or externally exposed digital integrations.
  • Experience with authentication and authorization patterns such as OAuth 2.0, OpenID Connect, mTLS, token-based access control, service-to-service authentication, delegated authorization, or fine-grained authorization models.
  • Experience with cryptographic systems and trust services, including PKI, KMS, HSMs, certificate lifecycle management, key rotation, certificate profiles, signing services, or crypto-agility planning.
  • Familiarity with post-quantum cryptography, cryptographic standards, approved algorithm governance, or large-scale cryptographic migration planning.
  • Experience with EV charging, energy, or grid-connected technologies, including standards or protocols such as ISO 15118, OCPP, Plug & Charge, smart charging, or Vehicle-to-Grid.
  • Familiarity with automotive cybersecurity standards or practices, including ISO/SAE 21434, TARA, secure product development, or connected vehicle security.
  • Experience supporting SOC, monitoring, detection engineering, or incident response teams by translating product architecture and threat knowledge into meaningful detection opportunities.
  • Experience developing security standards, reusable design patterns, playbooks, technical training, or engineering-facing guidance in a large, complex organization.
  • Experience identifying, mitigating, or threat modelling common web and API security vulnerabilities such as Broken Object Level Authorization and other OWASP Top 10 and API Security top 10 risks.
  • Experience with embedded systems security including hardware based secure storage (e.g. Secure Elements, TPMs, SHE, or HSMs), secure key injection, and implementing cryptographic operations in resource constrained embedded environments.

Skills

  • Technical leadership and hands-on guidance in cybersecurity, security engineering, product security, application security, cloud security, API security, automotive cybersecurity, IoT security, or a related technical security domain.
  • Collaboration and mentorship skills, including the ability to guide technical decision-making and influence architecture or design direction.
  • Threat modeling, risk assessment, and security architecture review experience.
  • Experience with emerging technologies and the ability to assess and define practical, risk-based approaches for secure adoption.
  • Strong communication and collaboration skills, with the ability to work effectively across cybersecurity, product, engineering, architecture, operations, compliance, and monitoring/SOC teams.
  • Experience with security standards, reusable design patterns, playbooks, technical training, or engineering-facing guidance in a large, complex organization.
  • Experience with embedded systems security, including hardware based secure storage, secure key injection, and implementing cryptographic operations in resource constrained embedded environments.

Benefits

  • Immediate medical, dental, vision and prescription drug coverage
  • Flexible family care days, paid parental leave, new parent ramp-up programs, subsidized back-up child care and more
  • Family building benefits including adoption and surrogacy expense reimbursement, fertility treatments, and more
  • Vehicle discount program for employees and family members and management leases
  • Tuition assistance
  • Established and active employee resource groups
  • Paid time off for individual and team community service
  • A generous schedule of paid holidays, including the week between Christmas and New Year’s Day
  • Paid time off and the option to purchase additional vacation time

Pay

$132,800 – $250,800

Schedule

This is a hybrid role, you are expected to relocate if you are not within commutable distance, and responsible to be on site 4 days a week.

Similar jobs

Safety Specialist

DuraServCoppell, TX· 3 wk ago
Manufacturingapply on workforcenow.adp.com

Safety Specialist

DuraServFort Worth, TX· 3 wk ago
Managementapply on workforcenow.adp.com

Safety Specialist

TowneCleveland, OH· 1 mo ago
Management$70k–$80k/yrapply on townepark.wd5.myworkdayjobs.com