Match score not available

Unlock Premium Benefits Today!
🚀 Elevate your career with priority access.
Stand out to top recruiters with Jobgether Priority Access:
  • ✅ Top Match: We help you identify job offers where you're a perfect fit.
  • ✅ Exclusive Referral Service: Connect directly with recruiters as a Jobgether Certified Premium User.
  • ✅ Personalized Feedback: Receive feedback and expert guidance on applications, and have your profile manually reviewed.

Start Your Free Trial Now!

Start my free trial

FCE IT Security & Controls Lead

Remote: 
Full Remote
Experience: 
Mid-level (2-5 years)
Work from: 
United Kingdom

Offer summary

Qualifications:

Degree in Information Technology or Cybersecurity, Over 3 years in IT Security function, Experience with SOC 2 Type II and ISO 27001, Strong controls mindset and technical expertise.

Key responsabilities:

  • Engage on control policies at Group level
  • Conduct security risk assessments of third-party providers
Ford Motor Company logo
Ford Motor Company XLarge https://www.careers.ford.com/
10001 Employees
About Ford Motor Company
We don't just make history -- we make the future. Ford put the world on wheels over a century ago, and our teams are re-inventing icons and creating groundbreaking connected and electric vehicles for the next century. We believe in serving our customers, our communities, and the world. If you do, too, come move the world and make the future with us. Ford is a global company with shared ideals and a deep sense of family. From our earliest days as a pioneer of modern transportation, we have sought to make the world a better place – one that benefits lives, communities and the planet. We are here to provide the means for every person to move and pursue their dreams, serving as a bridge between personal freedom and the future of mobility. In that pursuit, our 186,000 employees around the world help to set the pace of innovation every day. Privacy Policy: https://www.ford.com/help/privacy/
See more Ford Motor Company offers

Job description

Job Description

The FCE IT Security & Controls Lead is a crucial member of the IT team, responsible for understanding and supporting the financial entity’s security posture and with awareness on compliance requirements with relevant regulations and industry best practices. This role requires a blend of technical expertise, analytical skills, and a strong understanding of security principles, risk management frameworks and compliance regulations.

This is a leadership role demanding strong communication, analytical, and problem-solving skills, that would provide guidance and mentoring for Security & Controls Junior analysts.

Responsibilities

Key Responsibilities:

Security, Controls & Compliance:

  • Engage at Group level (Ford Motor Company, Ford Motor Credit Company) on new control policies, standards and guidelines and advising Software Engineering teams through understanding of the Corporate Information Security Policies.
  • Conduct Security & Risk assessments of Third-party ICT service providers across FCE (IT due diligence reviews), ensuring they comply with most up-to-date and highest quality information security standards.
  • Identify and report compliance gaps with relevant security regulations and industry standards (e.g., SOX, GDPR, DORA, NIST).
  • Lead on remediation of complex IT Security & Controls related audit findings and internally identified control gaps, including high level co-ordination of corrective actions and defining learnings and best practices.
  • Identify/recommend and where needed present material on various topics to support in-house security & controls awareness & training, or related reporting required at FCE committee meetings (e.g. Exec Operational Risk & Resilience Committee).


Cyber security:

  • FCE representative at FS-ISAC (Financial Services Information Sharing and Analysis Center) events and seminars.
  • Engage with Global Ford Credit security teams and central FMC Cyber Defence Team, contributing to long and short term strategy updates.
  • Research latest cyber trends and offer insights and suggestions for enhancing cyber security and defence within FCE IT.
  • Attend external seminars and expo events in relation to cyber security and present findings back to the FCE IT Cyber Team and to Software Engineering teams.


Responsible for FCE Cyber Incident Response Plan, and its awareness by the Cyber Incident Response Team (CIRT).

Qualifications

Qualification and Skills:

Essential:

  • Minimum 2.2 degree or international equivalent in Information Technology or Cybersecurity.
  • Strong controls mindset, and a background in system development and management – with proven experience (+3 years) in IT Security related function, or equivalent experiences.
  • Demonstrable experience with SOC 2 Type II reports, ISO 27001 or usage of similar standards.
  • Good understanding of cybersecurity threats and best practices, including knowledge of common attack vectors, security controls, and incident response procedures.
  • Strong prioritisation, co-ordination, organisational and communication skills, and a proven ability to balance workload and competing demands to meet deadlines.
  • Clear and concise writing skills for creating reports and documentation, including security requirements, procedures, and policies
  • Critical thinking skills to assess risks and develop security solutions


Desirable:

  • Acquired any of the following certifications, or equivalent one:
    • CRISC (Certified in Risk and Information Systems Control) or equivalent
    • CISM (Certified Information Security Manager) or equivalent
    • CISSP (Certified Information System Security Professional) or equivalent
    • CISA (Certified Information Systems Auditor)
  • Familiar with any ICT related regulations (e.g. SYSC8, PRA, EBA, BaFin, DORA).
  • Experience in a regulated, financial environment
  • Understanding of the overall business of Ford Credit
  • Experience on educating others and sharing awareness to different levels in the organization
  • Cloud security certifications from major cloud providers (AWS, Azure, GCP) / demonstrable expertise in securing cloud environments.
  • Experience with various testing techniques and methodologies.

Required profile

Experience

Level of experience: Mid-level (2-5 years)
Spoken language(s):
English
Check out the description to know which languages are mandatory.

Hard Skills

Compliance RequirementsCyber SecurityRisk ManagementIT SecuritySecurity ControlsIncident ResponseCyber RiskISO/IEC 27001Test MethodCloud Security

Other Skills

  • Communication
  • Analytical Skills
  • Critical Thinking
  • Problem Solving
  • Writing
  • Coordinating
  • Organizational Skills
  • Prioritization
Are you interested?

IT Security Manager Related jobs

See more IT Security Manager jobs