SaaS Cybersecurity Specialist

Overview

We are the movers of the world and the makers of the future. We get up every day, roll up our sleeves and build a better world -- together. At Ford, we’re all a part of something bigger than ourselves. Are you ready to change the way the world moves?

Join Ford's Enterprise Cyber Security SaaS Security team, a critical unit dedicated to safeguarding our extensive portfolio of SaaS solutions. We collaborate closely with various security and SaaS service teams to proactively identify, assess, and remediate security vulnerabilities within Ford's cloud-based applications. This team focuses on enhancing Ford’s SaaS security posture by identifying, onboarding, and integrating SaaS solutions with security tools, and by developing, implementing, and managing robust security policies within platforms such as App Omni and Microsoft Defender for Cloud Apps (MDCA).

• Identifying, onboarding, and evaluating SaaS solutions onto our security tools and functions to enhance security around Ford-used SaaS solutions.
• Developing and managing security policies in advanced security tools, including App Omni and Microsoft Defender For Cloud Apps (MDCA).
• Collaborating with SaaS Security team members and cross-functional teams to proactively identify, analyze, and resolve SaaS security issues, ensuring a robust and secure environment.
• Partnering and leading remediation efforts with EPEO Services teams and other stakeholders to mitigate identified security risks and ensure timely resolution.
• Driving the enforcement and continuous improvement of SaaS Security Compliance Standards across Ford's diverse SaaS landscape.
• Designing, developing, and implementing robust automation solutions for critical security workflows, audits, and policy management within App Omni, MDCA, and exception handling processes.
• Leading the technical evaluation and strategic adoption of new security tools and technologies to address emerging security gaps and enhance defense capabilities.

• Bachelor's degree in Computer Science, Information Technology or related OR a combination of education and experience.
• 5+ years of scripting and automation experience.
• Proven experience in developing and implementing automation using scripting languages such as Python, Power Shell, or Go, particularly for API integrations, security tool orchestration, and custom audit scripts.
• Solid understanding and practical experience with Git and Git Hub for version control, collaborative development, and security automation pipeline management.
• Familiarity with CI/CD pipelines and automated deployment tools (e.g., Jenkins, Azure Dev Ops, Git Hub Actions) to integrate security automation into the software development lifecycle.
• Knowledge of Infrastructure-as-Code (IaC) principles and tools like Terraform.
• Customer-centric mindset with a strong commitment to collaboration and team success.
• Proactive self-starter with a continuous learning aptitude, capable of quickly adapting to new technologies and threats.
• Excellent verbal and written communication skills with the ability to articulate complex security concepts to technical and non-technical audiences.
• Exceptional problem-solving and analytical reasoning skills to diagnose and resolve intricate security challenges.
• Strong drive for results, demonstrating the ability to manage multiple priorities and work effectively both independently and as part of a team.
• Unwavering commitment to quality and adherence to project timelines and deliverables.
• Practical familiarity with Agile project planning methodologies and hands-on experience using Jira for task tracking and project management in a security context.
• Proficiency in documenting technical processes, procedures, and security configurations to ensure maintainability and knowledge transfer.

• Deep hands-on experience with SaaS Security Posture Management (SSPM) and Cloud Access Security Broker (CASB) tools, specifically App Omni and MDCA, including policy development, incident response, and integration.
• Proficiency in Microsoft Entra (formerly Azure AD) for identity and access management within SaaS environments.
• Comprehensive understanding of security…