The Dev Sec Ops engineer ensures that every step of the software development lifecycle (SDLC) follows security best practices, works to automate security processes, embed security testing, and foster a culture of shared responsibility between development, operations, and security teams. They also implement secure coding practices, identify and mitigate vulnerabilities early through tools, review for secure cloud infrastructure, and ensure compliance with security standards to help teams for rapid software delivery.

• Bachelor (undergraduate) degree in a relevant field (Computer Science, Software Engineer, Security, or others) OR an equivalent combination of education, training, and experience.
• Minimum of 3 years of professional experience
• Desirable Certified Dev Sec Ops Professional (CDP), Certified Kubernetes Administrator (CKA) or Certified Kubernetes Security (CKS) and Hashi Corp Certified: Terraform Associate.

DISCLAIMER:
Ford Motor Company is an Equal Opportunity Employer, as we are committed with a diverse workforce, and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity and/or expression, status as a veteran and basis of disability.

Technical Skills & Responsibilities

• Programming & Development:

Strong development or scripting experience, specifically in Java 21, Spring boot,Angular, Python to automate routine tasks and improve system reliability.

• Code Security:

Perform security-focused code reviews to identify, triage, and fix vulnerabilities and bugs.

• Security Expertise:

Familiarity with common security flaws (e.g., OWASP Top 10) and the use of security libraries and static analysis tools (SAST).

• Dev Sec Ops & Automation:

Integrate, monitor, and improve Dev Sec Ops tools and processes, including automated enforcement and code-based compliance.

• Vulnerability Management:

Perform continuous vulnerability assessments, risk mitigation, and risk management.

• Security Architecture:

Knowledge of Zero Trust security models, platform-based controls, and automated guardrails.

• Technical Consultation:

Support and consult with product and development teams to address application security risks throughout the lifecycle.

• Training & Mentorship:

Provide security training, outreach, and mentoring to internal teams and customers.

• Process Improvement:

Monitor KPIs and customer experience to refine security processes and adherence.

• Communication:

Professional written and verbal communication skills with the ability to articulate complex technical topics clearly.

• Collaboration:

Proven ability to work effectively and collaboratively within software development environments.

This description outlines the general nature and scope of work typically performed in this job. It is not intended to be an exhaustive list of all duties, responsibilities, knowledge, skills, work requirements, etc. It may vary slightly based on business or geographic needs and is subject to being reviewed and updated periodically.