Interested candidate should have experience in Anti-malware, Endpoint protection, XDR, IPS/IDS and managing one of the SaaS platform such as Trend Micro, MS Defender Cloud, Threat Connect, Chronicle with hands-on with any one cloud provider (GCP, AWS, Azure), and automation.

A relevant Bachelor's or Master’s Degree in engineering/computer applications 5+ years of experience as a Security Engineer with a focus on using tools like Trend Micro, Microsoft Defender, SentinelONE or Crowdstrike. 2+ years of Experience in integrating various cyber security data sources with SIEM and SOAR. Working experience or Knowledge in Server OS like Ubuntu, RHEL, or Windows 2+ years of experience in application/API development (Python Flask or FastAPI or Java or Node JS) Basic experience in JavaScript, HTML5,CSS, etc. Knowledge of GCP or Azure or AWS and configuring infrastructure using infrastructure-as-a-code libraries like Terraform, Ansible, etc. Experience working in an Agile development environment Understanding of Dev(Sec)Ops best practices highly advantageous In-depth knowledge of cybersecurity principles, practices, and technologies. Strong communication skills The courage to promise and commitment to deliver, whatever it takes. Keen attention to detail. Pro-active, independent, resourceful, able to work in a team environment and work independently with minimal supervision

Positive and passionate personality, with a zest for life outside of work (we truly mean it. And measure it too!)

WOULD BE GREAT IF YOU ALSO BRING:

Security Certifications: Experience with SaaS products in one of the following: Certified Information Systems Security Professional (CISSP) or  Microsoft Certified: Security Operations Analyst Associate or Trend Micro Certified Professional for Deep Security GCP: Professional Cloud Security Engineer Trend Micro Cloud ONE & Vision ONE Microsoft Defender Cloud Sentinel ONE Crowdstrike Provide end-to-end support (engineering and operations) for cybersecurity services installed on servers and clients deployed across Ford’s corporate data centers, manufacturing plants, and regional sites.  Act as an advocate and liaison with Cyber Défense analysts to understand their requirements and use cases, and to design, develop, and automate security solutions. Collaborate with Platform vendors to coordinate distribution of regular updates/patches to clients and platform. Test and implement vendor product upgrades. Work with various infrastructure and application support teams to provide technical direction and address security issues. Implement and customize security scans for individual clients and servers. Design, test, and implement security policies for critical Enterprise Infrastructure. Automate repeatable tasks and workflows to improve process efficiency by developing APIs/scripts and deploying to the cloud. Implement SRE for Platform services, capabilities/features to achieve availability and reliability.  Implement ZeroTrust capabilities across all device pillars to reduce and maintain non-compliance devices. Experience in integrating various cyber security data sources with SIEM and SOAR in Chronicle Ensure that endpoint security systems are configured and maintained in accordance with security best practices and industry standards. Respond to security infrastructure and Cyber team’s incidents. Research and evaluate new security technologies and make recommendations for implementation. Stay up-to-date on the latest security trends and developments and maintain a high level of technical expertise in the field of endpoint security.