This is a Cyber Security position within the IT organization. The successful candidate will be working with a global team to deliver process improvement including the modification, design and implementation of GRC processes.
Establish, develop and advise on the Statement of Applicability (SoA) Control Review Process to internal 2nd line defense personnel and project teams.
Support the implementation and ongoing cadence of the Common Control Library Governance process
Create and publish supporting documentation for new/updated processes.
Create and deliver audience specific training and communications for new/updated processes to IT and Business partners.
Support alignment with / transition to future Governance, Risk and Compliance (GRC) tool.
Work effectively with cross-functional and cross regional stakeholders with varying levels of business/technical skills.
Consider future security industry trends to set Ford security and controls strategy .
Serve as a functional mentor for security and controls process to the enterprise 2nd line of defense.
Collect sufficient quantitative and qualitative data to accurately describe the current state, desired state, and root cause(s) of gaps, with guidance from others.
Analyze the future needs of customers and the outcomes they desire, and translate these into novel product, service or process opportunities, leading to sustaining innovation.
Address potential business/financial impacts, inter-related systems and risks associated with new ideas and approaches.
Identify risks and issues across the multiple projects that form complex programs and large projects and support their mitigation.
Engage stakeholders to gain consensus on shared vision of project outcomes.
Anticipate up and down stream impacts and predicts/addresses obstacles.
Identify and assist in the resolution of conflicting business goals and systemic issues to enable business value realization.
Propose corrective actions to address management and governance problems within the program or project.
5+ years of experience working with control review processes
5+ years of experience working with ISO 27001/2 standards, Information Security policies, risks and controls
3+ years of experience in project management methods and framework
Bachelor degree in Information Assurance/Security field
Understanding of Compliance and Regulatory requirements e.g. (S-Ox, HIPAA, GLBA etc.)
Knowledge of Application Development lifecycles
Excellent verbal and written communication
Self-Starter who can work in ambiguous situations and drive to a solution
Strong organizational skills; able to advance multiple work streams concurrently
Process Improvement mindset
Prior experience working on Governance, Risk and Compliance (GRC) tool would be a plus
Project management methods and framework
Able to function as a delivery lead for key program elements associated with the position
The distance between imagination and …. Creation. It can be measured in years of innovation, or in moments of brilliance. And, it can be a road you start traveling right now. When you join Ford Motor Company, your journey begins. You become part of a team that is already leading the way, with ingenious solutions and attainable products – and it is always ready to go further.
Candidates for positions with Ford Motor Company must be legally authorized to work in the United States. Verification of employment eligibility will be required at the time of hire. Visa sponsorship is not available for this position.
Ford Motor Company is an equal opportunity employer committed to a culturally diverse workforce. All qualified applicants will receive consideration for employment without regard to race, religion, color, age, sex, national origin, sexual orientation, gender identity, disability status or protected veteran status. Ford Motor Company also is committed to take affirmative action to employ and advance in employment such persons