Job Description We are building a world-class penetration testing /ethical hacking team @ Ford. We are looking for an ambitious, highly technical, and self-driven offensive security professional to deepen the technical expertise of our team. This position is for an experienced senior team member that can engage quickly, mentor junior team members, and desires to revolutionize how we enable security for our connected vehicles, mobility solutions, and mobility partners. We want innovators. People who love what they do and ardent about solving hard problems in embedded hardware, automotive, mobile application and/or network security.
A successful candidate will be passionate about security, driven to chart untraversed territory, and committed to being a part of a world-class team. You will be responsible for independently developing tools, techniques, and leveraging subject matter expertise to drive connected and autonomous mobility security assessments. The primary focus will be technical by leading security assessments with little oversight and leading teams to deepen expertise.
Scoping of embedded hardware or automotive penetration tests, use cases, and timing
Development of ‘rules of engagement’ with partners and develop mutually beneficial outcomes with internal partners
Embedded hardware, In Vehicle Automotive, Network, and/or Application testing, to include black box, code reviews, and reverse engineering
In-vehicle, network and software architecture reviews and guidance
Develop and communicate recommendations on findings remediation
Continuous improvement of testing processes and methodologies
Coordinate and function as a subject matter expert to third-party penetration testing efforts, as needed
4+ years of experience in penetration testing
6+ years of professional experience in computer security / software development / networking and systems administration
Bachelor’s / Master’s Degree in Information Security, Computer Science, or Electrical Engineering highly preferred
Expertise in Automotive Networks (CAN, CAN-FD LIN, MOST, FLEXRAY) and automotive network exploitation (vehicle Spy, Cantact)
Experience or exposure to Hardware reverse Engineering and/or memory extraction techniques (JTAG, Chip Off, Onboard)
Experience or deep exposure to Software Reverse Engineering (IDA, Radare2, BinaryNinja)
Experience or deep exposure to RF signal analysis and exploitation (BT, BLE, 802.11X, LTE)
Advanced Web technology knowledge (i.e., HTTP, HTML, SQL)
Advanced knowledge of the detection, exploitation, and prevention of software vulnerabilities (i.e., SQL injection, XSS, buffer overflows)
Exceptional communication skills, both oral and written
Excellent self-tasking skills
Intermediate administration skills for Windows and/or Unix systems
For infrastructure-focused engagements: Intermediate TCP/IP networking knowledge (including networking architecture, device configuration, and operational practices)
For application-focused engagements: Intermediate software development knowledge (including programming languages, application architecture, and development processes
The distance between imagination and … creation. It can be measured in years of innovation, or in moments of brilliance. When you join the Ford team discover all the benefits, rewards and development opportunities you’d expect from a diverse global leader. You’ll become part of a team that is already leading the way, with ingenious solutions and attainable products – and it is always ready to go further.
Candidates for positions with Ford Motor Company must be legally authorized to work in the United States on a permanent basis. Verification of employment eligibility will be required at the time of hire. Visa sponsorship is not available for this position.
Ford Motor Company is an equal opportunity employer committed to a culturally diverse workforce. All qualified applicants will receive consideration for employment without regard to race, religion, color, age, sex, national origin, sexual orientation, gender identity, disability status or protected veteran status.