Ford’s IT organization is broadening its core competency within the area of Embedded Cyber Security in the automotive environment. We are both researching and reviewing new enterprise-wide features and technologies, as well as providing frameworks, processes and tools to help the research.
Technology is advancing, connection mechanisms are growing, and consumers and hackers are becoming more sophisticated. With increasing networking between modules and access points into the vehicle, the attack surface has increased thereby opening up new potential vulnerabilities. Automobiles are no longer mere mechanical devices but are controlled by dozens of digital computers coordinated by internal networks. While all this technology has allowed for better personalized experiences, seamless integration into a person’s lifestyle, differential services, predictive diagnostics and safer driving conditions, the increase in complexity drives the need for advanced security and data solutions.
We are exploring the role of advanced embedded computing platforms, coupled with cloud-based services, to deliver applications which will redefine the experience of owning, maintaining, driving and interacting with Ford Motor Company vehicles. Security needs to be built into each of these growing technologies.
The ideal candidate will have outstanding security design analytical skills and the ability to work in a fast-paced, collaborative environment. We are looking for exceptionally creative, motivated and talented Cyber Security engineers to join our team to evaluate and develop advanced features, toolkits and consult on security-related architectures. We collaborate extensively with Ford and with external partners, thus we require exceptional communication and collaborative skills.
Work tasks span use case development, through the development of Proof-of-Concept solutions, vehicle integration and finally delivery of features and processes to the Product Development organization.
Develop concepts and solutions around related Cyber Security incidents reported in industry and research organizations.
Understand the exploit and report back findings so new requirements, testing or processes can be updated to avoid future risk. Storyboards, use cases, proof-of-concept demonstrations, specifications and requirements development experience
Development and maintenance of tools (e.g. Fuzzing) for use in internal vehicle penetration testing
Threat Analysis and Risk Assessment tool/modeling
Lead technology and security feature projects. Deliver to internal customers.
Actively ideate and invent new security techniques or countermeasures for in-vehicle products
Own and manage cybersecurity specifications. Provide consultation and help troubleshoot systems.
Perform competitive analyses and maintain knowledge of emerging technologies in both the automotive and consumer electronics field
Develop security roadmap (near-term, mid-term and long-term focus) as it relates to Security and Safety Features
Actively work with Security Partners, Research and Government for information sharing, joint project development, and reporting
Some travel expected to cover critical Cyber Security Conferences or meet with other non-local team members
3 years’ Security experience or CISSP certified (academic work around cybersecurity counts towards experience
Has some experience/knowledge of upcoming embedded module security design and knowledge of new technologies/features (Car Sharing, Autonomous Vehicle, Third party automotive devices, etc.)
Experience with writing requirements, test procedures and use case development
General understanding of CAN network, Ethernet, firewalls and secure architecture development
Knowledge with cryptographic algorithms and protocols
Use of IDA Pro, fuzz testers, network analyzer, CAN Network Tools, threat modeling and risk management tools
Knowledge with PKI management
Experience with Secure Coding Techniques
Experience with embedded hardware and software security knowledge
Knowledge of digital and wireless communication and familiarity with communication technologies such as TCP/IP, Ethernet, Bluetooth, WiFi, DSRC and CAN
Basic interest and knowledge about geographical technologies such as GPS, maps, geofencing and POIs as well as privacy risk associated with these technologies
Self-motivated with the ability to manage multiple tasks. Excellent communication skills.
The distance between imagination and … creation. It can be measured in years of innovation, or in moments of brilliance. When you join the Ford team, you discover all the benefits, rewards and development opportunities you’d expect from a diverse global leader. You’ll become part of a team that is already leading the way, with ingenious solutions and attainable products – and it is always ready to go further.
Candidates for positions with Ford Motor Company must be legally authorized to work in the United States on a permanent basis. Verification of employment eligibility will be required at the time of hire. Visa sponsorship is not available for this position.
Ford Motor Company is an equal opportunity employer committed to a culturally diverse workforce. All qualified applicants will receive consideration for employment without regard to race, religion, color, age, sex, national origin, sexual orientation, gender identity, disability status or protected veteran status.