Business Information Security Engineer
4 weeks ago
Ford Pro is a new global business within Ford committed to commercial customer productivity. Ford Pro delivers a work-ready suite of vehicles, accessories, and services for virtually every vocation, backed by technology and engineered for uptime. A true one-stop shop, we offer a full portfolio of electrified and internal combustion vehicles designed to integrate seamlessly with the Ford Pro ecosystem, helping customers' businesses thrive today and into the new era of electrification.
The Ford Pro Cyber Security team is seeking a fun, energetic and organized individual. Our group is the Business Information Security team within Ford Pro and you can make an immediate impact within this organization. We are also expanding our scope to encompass FCSD Tech.
Position responsibilities:
We are seeking a skilled security analyst to help mature our security posture through improving our customer experience with Ford Pro/FCSD products and services.
Act as a senior subject matter expert for secure coding, evaluating, and implementing processes to mature application security leveraging existing tools. Provide consulting services to all Ford Pro product teams, providing advocacy, guidance and education on code security related problems by leveraging enterprise services across product lifecycles, identifying vulnerabilities and implementing secure solutions. Help define security standards around CI/CD pipelines, SAST/SCA/DAST testing processes, DevSecOps principles. Support ISO 27001 certification preparation with guiding remediation of all Ford Pro software products and services. Support all teams dealing with Audit, ICC Control Review and OICs as they occur. Collaborate across Ford Pro Tech, FCSD Tech, Information Tech Operations (ITO), Enterprise Architecture, Model E and Enterprise Cyber Security organizations and so many more. Work with all regular security and compliance annual activities and education plan for all Ford Pro teams to ensure compliance with corporate policies (Information Security Policy, Code of Conduct, to deliver Ford+ plan. Design, develop and test automation components for product and software especially security related. Facilitate getting all known control gaps identified and develop control improvement plans to raise operational maturity in partnership with Internal Controls team as part of GRC processes. Partner with Cyber Defense during incident response for Ford Pro teams, as required. Support and develop automation solutions that enable our product teams to build and deploy code quickly while giving them insights into security findings. Leverage cloud technology to promote fast provisioning and scalability with secure configuration management and monitoring. Implement industry best practices for container hardening and API configuration management. Cross between technology and business topics with ease and understanding being able to explain security topics to any audience. Operate independently and adapt to dynamic needs of the organization and changing teams.Minimum qualifications:
Bachelor’s degree in business, Cyber Security, IT management, Risk Management, Computer Science, or Computer Engineering or any related field 5+ years’ experience in cybersecurity analysis, vulnerability management, security consulting, secure software engineering. Experience in security operations including delivery of security findings to software engineering teams and consulting on risk priorities for vulnerabilities. Ability to work collaboratively with others and navigate complex decision making. Familiarity with automation test scripts, test plans and configuration of test systems, security testing tools and their use in an SDLC. Experience working with GCP and particularly securing GCP assets and development pipelines. Experience working in incident Response teams to detect, contain, investigate, and recover from security incidents.Nice to have qualifications:
Ford Pro and/or Ford Customer Service domain knowledge. Experience supporting cloud-based platforms in an enterprise environment such as: Google Cloud Platform (GCP), Microsoft Azure, and Amazon Web Services (AWS). Experience using 1 or more SAST/SCA tools like CheckMarx, FOSSA, 42Crunch or BlackDuck Strong working knowledge of Info Sec policy, global purchasing policies and process, GRC component assessment, controls testing, etc. Strong understanding of the OWASP Top 10 security vulnerabilities and remediation techniques Working knowledge of a variety of regulations, control frameworks, and requirements, such as SOX, NIST 800-53, NIST 800-171, ISO 27001 Working knowledge of API Security Security coding experience with languages like Java, Java Script, Python, Ruby or equivalent Strong understanding of Security Engineering concepts around key management, authorization, Cloud Security etc. Experience working with GAO and/or Internal Control Certifications are highly valued (CISSP, CISA, CISM, Master’s degree in cyber security, Computer Science, Software Engineering, or a related field. Security architecture experience collaborating with software product teams. Experience with Git/GitHub or equivalent source control repositories. Experience using a centralized logging solution such as Splunk or Datadog for monitoring and reporting. IT operations, security, and/or infrastructure experience in an enterprise environment. Experience with vulnerability management with understanding of CVEs, CWEs and how to research and manage risks. Comfortable communicating with different levels and audiences effectively to gain attention collaboratively while not causing panic or animosity. A strong drive to keep learning new tools, ideas, techniques and methodologies to change culture to one based on building security and privacy into solutions from inception. Motivated to support compliance to standards and policies as foundational to securityJoin our team as we create the future of the commercial landscape and deliver secure and always-on solutions. We believe in putting people first, working together, and facing challenges head-on.
-
Information Security Engineer
7 days ago
Chennai, India FXCM Full timeJob DetailsWe are seeking a highly skilled Information Security Engineer to join our team. This role is critical in designing, building, and implementing systems and tools to protect our company's electronic information and devices against cyber threats. The ideal candidate will have expertise in developing and maintaining infrastructure that supports...
-
Information Security Engineer
2 weeks ago
Chennai, India FXCM Full timeJob Details We are seeking a highly skilled Information Security Engineer to join our team. This role is critical in designing, building, and implementing systems and tools to protect our company's electronic information and devices against cyber threats. The ideal candidate will have expertise in developing and maintaining infrastructure that supports...
-
Information Security Engineer
1 week ago
chennai, India FXCM Full timeJob Details We are seeking a highly skilled Information Security Engineer to join our team. This role is critical in designing, building, and implementing systems and tools to protect our company's electronic information and devices against cyber threats. The ideal candidate will have expertise in developing and maintaining infrastructure that supports...
-
Information Security Engineer
2 days ago
Chennai, India UNCIA Full timeAbout the company:We are a dynamic enterprise application software product company catering to NBFCs and Banks with a suite of pure-play SaaS products in the Digital Lending space.We offer a comprehensive suite tailored to meet evolving customer needs, primarily focusing on Lending solutions such as SME Lending, Home Finance, and Supply Chain Finance. Uncia...
-
Information Security Operations Eng...
1 month ago
chennai, India Anicalls (Pty) Ltd Full timeCandidate should be able to:• Conduct cybersecurity assessments & evaluate in alignment with the supplier security control framework• Ensure effectiveness of approved controls and drive risk remediations or changes from the previous audit for existing certified suppliers• Demonstrate strong knowledge in IT controls, risk assessments, and assessment of...
-
Information Security
3 weeks ago
Chennai, India Novac Technology Solutions Full timeExperience: 6 - 10 yearsLocation: ChennaiWork Mode: Work from OfficeDevise and Enhance the IT Security Policies and Controls.Involving, Educating, Training all the stakeholders on IT Policies.Plan, lead and execute cyber audits/assessments, which include managing the conduct of audit(s) and ensure that they are delivered on time, on budget, to the required...
-
Information Security
3 weeks ago
Chennai, India Novac Technology Solutions Full timeExperience: 6 - 10 yearsLocation: ChennaiWork Mode: Work from OfficeDevise and Enhance the IT Security Policies and Controls.Involving, Educating, Training all the stakeholders on IT Policies.Plan, lead and execute cyber audits/assessments, which include managing the conduct of audit(s) and ensure that they are delivered on time, on budget, to the required...
-
Information Security Lead
2 weeks ago
Chennai, Tamil Nadu, India Philips Full timeJob TitleInformation Security LeadJob Description#LI-PHILINAbout PhilipsPhilips India Limited is a subsidiary of Royal Philips of the Netherlands, a leading health technology company focused on improving people's health and enabling better outcomes across the health continuum from healthy living and prevention, to diagnosis, treatment and home care. Philips...
-
Information Security Lead
2 weeks ago
Chennai, India Philips Full timeJob TitleInformation Security LeadJob Description#LI-PHILINAbout PhilipsPhilips India Limited is a subsidiary of Royal Philips of the Netherlands, a leading health technology company focused on improving peopleâs health and enabling better outcomes across the health continuum from healthy living and prevention, to diagnosis, treatment and home care....
-
Manager, Information Security
2 weeks ago
Chennai, India Celestica Full timeReq ID:Remote Position: HybridRegion: AsiaCountry: IndiaState/Province: ChennaiCity: Guindy, ChennaiSummaryApplication Security applies the understanding of a broad range of technologies and solutions to support strategic business needs and engages with customers at all levels of the organization to successfully realize the vision. They will lead the...
-
Manager, Information Security
2 weeks ago
Chennai, India Celestica Full timeReq ID:Remote Position: HybridRegion: AsiaCountry: IndiaState/Province: ChennaiCity: Guindy, ChennaiSummaryInformation Security - OT Security applies the understanding of a broad range of technologies and solutions to support strategic business needs and engages with customers at all levels of the organization to successfully realize the vision. They will...
-
Manager, Information Security
3 weeks ago
Chennai, India Celestica Full timeReq ID: Remote Position: Hybrid Region: Asia Country: India State/Province: Chennai City: Guindy, Chennai Summary Application Security applies the understanding of a broad range of technologies and solutions to support strategic business needs and engages with customers at all levels of the organization to successfully realize the vision....
-
Advisor, Information Security
1 month ago
Chennai, India TransUnion Full timeTransUnion's Job Applicant Privacy Notice **What We'll Bring**: At TransUnion, we have a welcoming and energetic environment that encourages collaboration and innovation. We are consistently exploring new technologies and tools to be agile. This environment gives our people the opportunity to hone current skills and build new capabilities, while discovering...
-
Manager, Information Security
3 weeks ago
Chennai, India Celestica Full timeReq ID: Remote Position: Hybrid Region: Asia Country: India State/Province: Chennai City: Guindy, Chennai Summary Information Security - OT Security applies the understanding of a broad range of technologies and solutions to support strategic business needs and engages with customers at all levels of the organization to successfully realize...
-
Manager, Information Security
2 weeks ago
chennai, India Celestica Full timeReq ID:Remote Position: HybridRegion: Asia Country: India State/Province: Chennai City: Guindy, Chennai Summary Information Security - OT Security applies the understanding of a broad range of technologies and solutions to support strategic business needs and engages with customers at all levels of the organization to successfully realize...
-
Manager, Information Security
2 weeks ago
chennai, India Celestica Full timeReq ID:Remote Position: HybridRegion: Asia Country: India State/Province: Chennai City: Guindy, Chennai Summary Application Security applies the understanding of a broad range of technologies and solutions to support strategic business needs and engages with customers at all levels of the organization to successfully realize the vision. They...
-
Information Security Officer
4 weeks ago
Chennai, India Daimler India Commercial Vehicles Full timePosition Overview:The Information Security Officer (ISO) will be responsible for developing, implementing, and overseeing information security protocols and practices within DICV.The ISO will collaborate with various departments to ensure compliance with industry regulations, identify potential vulnerabilities, and mitigate risks to safeguard our systems,...
-
Information Security Manager
3 weeks ago
chennai, India Flintex Consulting Pte Ltd Full timeJob Description Job Description: Information Security Manager Job Summary & Core Requirements • Minimum 5 years' experience in IT Governance and Cyber Security as HOD (mandatory)• Vendor industry experience (mandatory)• Hands on and ability to implement security technical solutions (mandatory)• Manage communication with MAS auditor, incident...
-
Information Security Manager
3 weeks ago
Chennai, India Flintex Consulting Pte Ltd Full timeJob DescriptionJob Description:Information Security ManagerJob Summary & Core Requirements• Minimum 5 years' experience in IT Governance and Cyber Security as HOD (mandatory)• Vendor industry experience (mandatory)• Hands on and ability to implement security technical solutions (mandatory)• Manage communication with MAS auditor, incident reporting,...
-
Information Security Manager
3 weeks ago
Chennai, India Flintex Consulting Pte Ltd Full timeJob DescriptionJob Description: Information Security Manager Job Summary & Core Requirements• Minimum 5 years' experience in IT Governance and Cyber Security as HOD (mandatory)• Vendor industry experience (mandatory)• Hands on and ability to implement security technical solutions (mandatory)• Manage communication with MAS auditor, incident...
