The IT Security & Controls Senior Analyst is a crucial member of the IT team, responsible for understanding and supporting the financial entity's security posture and compliance requirements with relevant regulations and industry best practices. This role requires a blend of technical expertise, analytical skills, and a strong understanding of security principles, risk management frameworks, and compliance regulations.
This is a leadership role demanding strong communication, analytical, and problem-solving skills, providing guidance and mentoring for Security & Controls Junior analysts.
Reasons to join Ford: Belong to a leading company in the Automotive industry globally with more than 120 years in the market.Full-time fixed contract, with a competitive starting compensation and a benefits package (restaurant card, discounts...)Work-life balance: 33 vacation days and work under a hybrid model (2/3 days a week)Career Development path - being part of high-impact projects which would allow you to improve your technical skills and develop.
The people of Ford Motor Credit Company have a 60-year commitment to helping put people behind the wheels of great Ford and Lincoln vehicles. By partnering with dealerships, we provide financing, personalized service, and professional expertise to five thousand dealers and more than four million customers in over 100 countries around the world. If you're customer-focused, driven, and seeking the opportunity to experience exciting challenges and growth, look no further.
Responsibilities: Engage at Group level (Ford Motor Company, Ford Motor Credit Company) on new control policies, standards, and guidelines, advising Software Engineering teams through understanding of the Corporate Information Security Policies.Conduct Security & Risk assessments of Third-party ICT service providers, ensuring compliance with the most up-to-date and highest quality information security standards.Identify and report compliance gaps with relevant security regulations and industry standards (e.g., SOX, GDPR, DORA, NIST).Lead remediation of complex IT Security & Controls related audit findings and internally identified control gaps, including high-level coordination of corrective actions and defining learnings and best practices.Identify/recommend and present material on various topics to support in-house security & controls awareness & training, or related reporting required at FCE committee meetings. Cyber Security: FCE representative at FS-ISAC (Financial Services Information Sharing and Analysis Center) events and seminars.Engage with Global Ford Credit security teams and central FMC Cyber Defence Team, contributing to long and short term strategy updates.Research latest cyber trends and offer insights and suggestions for enhancing cyber security and defence within FCE IT.Attend external seminars and expo events in relation to cyber security and present findings back to the FCE IT Cyber Team and Software Engineering teams.Responsible for FCE Cyber Incident Response Plan, and its awareness by the Cyber Incident Response Team (CIRT). Knowledge, Skills & Abilities: Strong controls mindset, with proven experience (+3 years) in IT Security function or equivalent experiences.Familiarity with ICT related regulations (SYSC8, PRA, EBA, BaFin, DORA).Demonstrable experience with SOC 2 Type II reports, ISO 27001 or similar standards.Good understanding of cybersecurity threats and best practices, including knowledge of common attack vectors, security controls, and incident response procedures.Strong prioritization, coordination, organizational and communication skills, with a proven ability to balance workload and competing demands to meet deadlines.Clear and concise writing skills for creating reports and documentation, including security requirements, procedures, and policies.Excellent verbal and written communication skills in English (minimum of B2-Upper Intermediate Level), with the ability to communicate and facilitate discussions with diverse audiences.Critical thinking skills to assess risks and develop security solutions.Experience in a regulated, financial environment.Understanding of the overall business of Ford Credit.Experience in educating others and sharing awareness at different levels in the organization. Qualifications & Background: Bachelor's degree (or equivalent applied experience/professional qualification).At least one of the following certifications: CRISC, CISM, CISSP, CISA, or Cloud security certifications from major cloud providers (AWS, Azure, GCP). Additional Information:
Ford is committed to diversity and equality of opportunity for all and is opposed to any form of less favourable treatment or harassment on the grounds of gender, marital status, civil partnership status, parental status, race, ethnic origin, colour, nationality, national origin, disability, sexual orientation, religion/belief, gender reassignment, gender identity, age, and those with caring responsibilities.
#LI-Hybrid
Requisition ID: 38797
#J-18808-Ljbffr