Cyber Security Threat Analyst

As a member of the Cyber Security Data Protection Service, your mission is to enable a securely connected digital business by preventing data breaches and identifying security risks. The Insider Threat Program is a high-visibility initiative focused on monitoring and responding to behavioral indicators that could pose a risk to the company. You will leverage industry best practices and advanced security telemetry to identify potential concerns across various departments, including Human Resources, Legal, and Global Security. This role offers the opportunity to support regional expansion, manage vendor relationships, and contribute to the future state roadmap of Ford's cybersecurity strategy, ensuring Ford remains the world's most trusted company.

At Ford Motor Company, we believe freedom of movement drives human progress. With our incredible plans for the future of mobility, we have a wide variety of opportunities for you to accelerate your career and help us define tomorrow's transportation.

We believe that freedom of movement drives human progress. Ford Information Technology (IT) is shaping the future of mobility by redefining the transportation landscape, enhancing the customer experience and improving people's lives. Join the Ford family as we change the way the world moves.

Experience & Education

• Bachelor Degree in Engineering, Actuarial Science, or related.
• At least 2 years of direct experience in cybersecurity operations, threat analysis, or a related role (e.g., SOC, threat hunting, intelligence analysis).
• English very fluent, capable to have a fluid conversation with no problem (the interviews will be handled fully in English)

Technical Skills

• Proficiency in network and/or host-based intrusion analysis to identify and respond to threats.
• Experience in packet analysis, metadata analysis, or log correlation for threat detection.
• Familiarity with Root Cause Analysis (RCA), SPLUNK, SOC/NOC operations, and risk management.
• Experience working with security telemetry, logs, or threat intelligence platforms to support investigations.
• Ability to conduct in-depth analysis by correlating data from multiple sources to assess threat actor activity.
• DLP
• Red Team
• CTI
• CDC experience
• Forensics

Soft Skills

• Communication: Strong English communication skills (written and verbal) to document challenges in event tracking and classification.
• Critical Thinking: Exceptional analytical skills with keen attention to detail.
• Collaboration: Proven ability to work effectively within a globally distributed team environment.

Must Have

• Proven experience in event correlation and leveraging security tools for the identification and analysis of suspicious behavioral indicators.
• Strong knowledge of Insider Threat Behavioral Models.

Nice to Have

• Global Counter Insider Threat Professional (GCITP) Certification.
• CERT SEI Insider Threat Analyst or Program Manager Certification.
• CISSP (Certified Information Systems Security Professional).

DISCLAIMER: Ford Motor Company is an Equal Opportunity Employer, as we are committed with a diverse workforce, and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity and/or expression, status as a veteran and basis of disability.

• Threat Detection & Analysis: Monitor and analyze data from Human Resources, Legal, Global Security, and other information sources to identify and mitigate potential insider threat concerns.
• Case Management: Prepare and maintain detailed insider threat reports and comprehensive case files for review by stakeholders.
• Cross-Functional Collaboration: Work closely with colleagues in Compliance, Special Investigations, Privacy, Legal, IT, and HR to communicate complex technical information to both technical and non-technical audiences.
• Stakeholder Management: Establish strong relationships with stakeholders to ensure program requirements are understood and issues are resolved efficiently.
• Trend Reporting: Develop and deliver stakeholder briefings on trend analysis and identify new opportunities for program maturation.
• Process Optimization: Keep monitoring, triage, and test case processes updated to reflect the changing threat landscape.
• Regional & Strategic Support: Support regional expansion activities, assess new security technologies, and contribute to the future state roadmap and other data security projects.
• Vendor Management: Manage supplier/vendor relationships and process purchase orders related to the Insider Threat Program.