More jobs:
Compliance- Product Cybersecurity, Ford Energy
Job in
Dearborn, Wayne County, Michigan, 48120, USA
Listed on 2026-06-25
Listing for:
Ford Motor Company
Full Time
position Listed on 2026-06-25
Job specializations:
-
IT/Tech
Cybersecurity
Job Description & How to Apply Below
As the Product Cybersecurity Compliance Analyst, you will play a critical role in securing Ford Energy's grid-scale and commercial systems. You will implement, validate, and optimize cybersecurity compliance across our product ecosystems, ensuring that our cutting-edge hardware and software platforms remain resilient against evolving threats.
In this high-impact position, you will support immediate product security initiatives, ensuring both third-party components and internal software developments adhere to rigorous security standards. By leading supply chain risk management, secure development practices, and vulnerability remediation tracking, you will safeguard the infrastructure powering the next generation of the American grid.
Ford Energy is a newly formed, wholly-owned subsidiary of Ford Motor Company dedicated to accelerating U.S. energy independence. Leveraging Ford's century of manufacturing excellence and world-class battery energy storage systems (BESS) technology, Ford Energy designs, manufactures, and services grid-scale and commercial DC battery energy storage systems (BESS). Ford Energy is uniquely positioned to capture the growing demand for reliable, US-built energy storage systems.
We are not just building batteries; we are building the infrastructure for the next generation of the American grid. Why Ford Energy? At Ford Energy, you have the backing of an industrial manufacturing powerhouse with the agility of a dedicated energy startup offering industry leading technology. We offer a competitive compensation package including performance-based bonuses, Ford vehicle discounts, and the opportunity to shape the energy strategy of one of the world's most iconic brands.
What you'll do...
Key Responsibilities:
* Supply Chain & Third-Party Governance:
Conduct detailed cybersecurity risk assessments on third-party software, hardware, and cloud suppliers. Review Software Bills of Materials (SBOMs), vendor security postures, and supply chain risk profiles to ensure alignment with company security requirements.
* Secure Development Practices:
Collaborate with product engineering teams to integrate secure software development lifecycle (SSDLC) practices. Promote threat modeling, secure code reviews, and automated security testing (SAST/DAST) across development pipelines.
* Security & Compliance Requirements:
Interpret, define, and map product security and compliance requirements against global standards and regulations (e.g., UNECE WP.29 R155/R156, ISO/SAE 21434, ISO 27001, NIST SP 800-53).
* Vulnerability Remediation & Tracking:
Lead the end-to-end tracking, prioritization, and remediation of product and third-party vulnerabilities. Coordinate with engineering teams to monitor patch management life cycles and report on compliance metrics.
* Audit & Evidence Collection:
Manage and maintain compliance documentation and evidence artifacts for internal audits and external regulatory submissions (e.g., vehicle type approvals and energy sector certifications).
* Operational Excellence:
Establish and optimize compliance dashboards, KPIs, and reporting mechanisms to track product cybersecurity posture and compliance scores.
* Collaboration &
Innovation: Partner closely with Purchasing, Legal, Product Engineering, and enterprise IT security teams to drive a unified risk management strategy. Apply automated tools and modern approaches to scale supply chain risk assessments and vulnerability tracking processes.
What you'll do...
Key Responsibilities:
* Supply Chain & Third-Party Governance:
Conduct detailed cybersecurity risk assessments on third-party software, hardware, and cloud suppliers. Review Software Bills of Materials (SBOMs), vendor security postures, and supply chain risk profiles to ensure alignment with company security requirements.
* Secure Development Practices:
Collaborate with product engineering teams to integrate secure software development lifecycle (SSDLC) practices. Promote threat modeling, secure code reviews, and automated security testing (SAST/DAST) across development pipelines.
* Security & Compliance Requirements:
Interpret, define, and map product security and compliance requirements against global standards and regulations (e.g., UNECE WP.29 R155/R156, ISO/SAE 21434, ISO 27001, NIST SP 800-53).
* Vulnerability Remediation & Tracking:
Lead the end-to-end tracking, prioritization, and remediation of product and third-party vulnerabilities. Coordinate with engineering teams to monitor patch management life cycles and report on compliance metrics.
* Audit & Evidence Collection:
Manage and maintain compliance documentation and evidence artifacts for internal audits and external regulatory submissions (e.g., vehicle type approvals and energy sector certifications).
* Operational Excellence:
Establish and optimize compliance dashboards, KPIs, and reporting mechanisms to track product cybersecurity posture and compliance scores.
* Collaboration &
Innovation: Partner closely with…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×