Jobs · Information Technology · Michigan

Product Cybersecurity Manager, Ford Energy

Ford Energy · Dearborn, MI · 1 wk ago
HybridInformation Technology$116k–$218k/yrFull-time

Responsibilities

  • Lifecycle Integration: Lead and integrate cybersecurity engineering across the entire battery storage system lifecycle, including design, manufacturing, deployment, operations, and decommissioning.
  • Hardware & Firmware Hardening: Define, implement, and audit security controls at the silicon, microcontroller, and firmware levels, including secure boot, cryptographic key management, secure storage, and Hardware Security Modules (HSMs).
  • Technical Innovation: Develop solutions to unusually complex cyber-physical security problems that require a high degree of ingenuity and creativity. Establish engineering precedents and design patterns that will serve as the template for future product lines and support the long-term reputation of the organization.
  • Cyber-Physical Threat Modeling: Lead threat modeling (e.g., STRIDE) and risk assessments to resolve highly ambiguous, large-scale technical challenges across battery management systems (BMS), power conversion systems (PCS), and overall BESS architectures. Develop novel, high-performance, and resilient security frameworks under extreme hardware and operational constraints.
  • Active Penetration Testing: Plan, coordinate, and execute hands-on penetration sing and vulnerability assessments on embedded hardware, firmware, and communication protocols (e.g., Modbus, CAN, DNP3, and TCP/IP).
  • Governance, Compliance & Incident Management: Align product engineering processes and security controls with relevant industry standards and frameworks (e.g., IEC 62443, ISO 21434, UL 2900, and NIST SP 800-82). Establish and manage cybersecurity work packages, compile risk registers, and represent cybersecurity requirements in stage-gate reviews and engineering boards. Develop and support security incident response playbooks for fielded BESS assets, and manage coordinated vulnerability disclosure for discovered firmware/hardware bugs.
  • Cross-Functional Collaboration & Technical Leadership: Drive technical security direction and best practices across multiple engineering teams (hardware, firmware, cloud, and systems), building architectural consensus for end-to-end product security. Actively mentor and guide peers to elevate the collective technical cybersecurity capabilities of the organization.

Qualifications

  • Required Experience: A minimum of 5–7 years of experience in Embedded Systems Security, Product Cybersecurity, or Security Engineering, with a proven track record in a product lead or senior technical capacity.
  • Education: Bachelor’s or Master’s degree in Computer Engineering, Electrical Engineering, Computer Science, Cybersecurity, or a related technical field.
  • Hardware & Firmware Security: Expert-level proficiency in secure coding practices (C/C++ or Rust), hardware architectures, secure boot, JTAG debugging protection, and cryptographic implementations.
  • Penetration Testing: Strong hands-on experience performing penetration sing on physical hardware interfaces (e.g., UART, JTAG, SPI, and I2C) and industrial/automotive network protocols (e.g., CAN, Modbus, and DNP3).
  • Threat Modeling & Risk Assessment: Demonstrated experience conducting threat modeling and risk assessments for complex cyber-physical or industrial control systems (ICS).
  • Standards & Regulations: Deep familiarity with cybersecurity frameworks and standards relevant to embedded systems and critical infrastructure (e.g., IEC 62443, ISO 21434, or UL 2900).

Similar jobs