Cyber Defense Analyst

Job Category Enterprise Technology Degree Level Bachelor s Degree or equivalent JOB DESCRIPTION At Ford Motor Company we believe freedom of movement drives human progress We also believe in providing you with the freedom to define and realize your dreams With our incredible plans for the future of mobility we have a wide variety of opportunities for you to accelerate your career potential as you help us define tomorrow s transportation This role will be focused on operating and improving Ford s Cyber Defense Center CDC efforts within the Office of the CETO organization The CDC mission is to provide proactive and reactive security services to protect Ford Motor Company Global digital information assets from compromise Ford Motor Company must be able to respond to information security-related incidents in a manner that protects corporate information and ensures the protection of additional information which might be affected by the incident The Threat Integration Analyst is focused on integrating threat and intelligence information across Ford s security landscape including SIEM SOAR EDR Intelligence and other tools in order to protect any Ford Motor Company asset or asset of any subsidiary or joint venture worldwide Successful candidates must have a significant interest in the Cyber Defense background The candidate should display strong technical depth that spans cloud network and hosts Experience in understanding modern computing vulnerabilities attack vectors and exploits is recommended Leadership behaviors must include solid oral and written communications skills focus on teamwork and a high level of personal integrity In this role candidate will understand existing and emerging threat actors and be able to identify rapidly changing tools tactics and procedures of attacks Candidates must be willing to work a Hybrid work pattern with a 4 day in-office schedule Responsibilities RESPONSIBILITIES What you ll be able to do Develop and implement in Python SOAR orchestration to integrate logs events data feeds execute Incident Response actions etc Create enhance and tune curated and custom SIEM threat detections Partner with IT Operations teams for current and future log source ingestion and parsing into SIEM and SOAR environments Technical project management for software upgrades and maintenance using the AGILE framework Qualifications QUALIFICATIONS The minimum requirements we seek Bachelor s degree in a computer related field Highly capable Python programming skills focused on Rest API s for organizing and moving data across myriad platforms and tooling 2 years of experience with SIEM tools with preference for Chronicle Strong deductive reasoning critical thinking problem solving and prioritization skills Experience in a fast paced high stress support environment able to work with a sense of urgency and pay attention to detail Solid and demonstrable comprehension of Information Security including malware emerging threats attacks and vulnerability management Our preferred requirements 2 years prior SOC operational experience Sound understanding of Cloud TCP IP and networking concepts In depth knowledge of servers clients various computer peripherals network and or Storage technologies Thorough knowledge of multiple operating systems specifically Windows and Mac or Linux Familiar with Ford Computing Infrastructure and application development life cycle SDM Demonstrate high level of independent initiative drive for results quality methods and integrity