<p>We are the movers of the world and the makers of the future. We get up every day, roll up our sleeves and build a better world -- together. At Ford, we're all a part of something bigger than ourselves. Are you ready to change the way the world moves?</p> <p>Enterprise Technology plays a critical part in shaping the future of mobility. If you're looking for the chance to leverage advanced technology to redefine the transportation landscape, enhance the customer experience, and improve people's lives, this is the opportunity for you. Join us and challenge your IT expertise and analytical skills to help create vehicles that are as smart as you are.</p> <p>This position will be involved in developing/engineering SIEM/SOAR and unified security & risk management solutions across the current and future security portfolio, with a strong initial focus on Google SecOps and Security Command Center. The ideal candidate should have experience configuring, managing, and optimizing Google SecOps and Security Command Center to support a mature SOC. 
This role involves working closely with IT security teams to enhance our security posture while ensuring compliance with industry standards and best practices.</p> <p>Enterprise Technology is looking for a security engineer to develop/engineer solutions within our Cybersecurity platforms in support of our Cyber Defense Organization.</p> <p>What you'll do...</p> <ul> <li> <p>SIEM Solution Design and Implementation:</p> </li><li> <p>Designing and deploying secure, scalable Google SecOps architectures, including log ingestion pipelines and integration with existing IT infrastructure</p> </li><li> <p>Configuring and managing log ingestion from various sources, ensuring data normalization and efficient analysis within Google SecOps.</p> </li><li> <p>Design, Build, and Maintain SIEM Data Pipelines:</p> </li><li> <p>Design and develop robust, scalable, and automated data pipelines to ingest, process, transform, and store security logs and events from diverse sources (e.g., servers, firewalls, applications, cloud platforms) into the SIEM platform.</p> </li><li> <p>Develop and implement data parsing rules, enrichment processes, and data normalization techniques to ensure data quality and consistency within the SIEM.</p> </li><li> <p>Integrate new data sources into the SIEM, including connecting to APIs, databases, streaming data sources, and cloud platforms.</p> </li><li> <p>Collaborate with various teams (e.g., development, operations, cloud services) to understand logging requirements, define logging standards, and ensure the appropriate data is collected.</p> </li><li> <p>Optimize SIEM Data Pipelines:</p> </li><li> <p>Monitor data pipeline performance, identify bottlenecks, and implement optimizations to improve efficiency, reduce latency, and ensure timely data availability for security analysis.</p> </li><li> <p>Tune log sources and correlation rules to reduce false positives, minimize noise, and enhance the accuracy of threat detection.</p> </li><li> <p>Develop and 
implement best practices for SIEM and SOAR (Security Orchestration, Automation, and Response) content management and development.</p> </li><li> <p>Explore and implement automation opportunities to improve analyst alert handling, streamline security operations, and reduce manual intervention.</p> </li><li> <p>SIEM Administration and Support:</p> </li><li> <p>Maintain the health, performance, and tuning of the SIEM platform.</p> </li><li> <p>Troubleshoot issues related to log sources, data ingestion, parsing failures, and other SIEM platform issues.</p> </li><li> <p>Security Command Center (SCC) responsibilities:</p> </li><li> <p>Managing access to Security Command Center features through IAM roles, allowing granular control over who can view, edit, or manage findings and assets</p> </li><li> <p>Ensuring that Security Command Center settings are configured and maintained to support the organization's security needs.</p> </li><li> <p>Connecting with other Google Cloud products and third-party tools for a more complete security posture</p> </li></ul>