Cyber Automation Analyst

Ford, Allen Park, MI


Requirements

  • Experience understanding modern computing vulnerabilities, attack vectors and exploits is recommended
  • Bachelor's degree in Computer Science, Information Technology or a related field, OR a combination of education and experience
  • 2+ years of experience with SIEM tools, with a preference for Google SecOps
  • 2+ years of cloud development experience in GCP (preferred) or Azure
  • Highly capable Python programming skills, focused on REST APIs for organizing and moving data across a myriad of platforms and tooling
  • Strong deductive reasoning, critical thinking, problem solving and prioritization skills
  • Experience in a fast-paced, high-stress support environment; able to work with a sense of urgency and pay attention to detail
  • Solid and demonstrable comprehension of information security, including malware, emerging threats, attacks and vulnerability management
  • 2+ years of prior SOC operational experience
  • Sound understanding of cloud, TCP/IP and networking concepts
  • In-depth knowledge of servers, clients, various computer peripherals, and network and/or storage technologies
  • Thorough knowledge of multiple operating systems, specifically Windows and (Mac or Linux)
  • Demonstrated high level of independent initiative, drive for results, quality methods and integrity

Nice To Haves

  • Awareness of computer forensics as a discipline is a plus
  • Familiarity with Ford Computing Infrastructure and the application development life cycle (SDM)

Responsibilities

  • Create, enhance and tune curated and custom SIEM/EDR threat detections
  • Develop and implement SOAR orchestration in Python to integrate logs, events and data feeds, execute incident response actions, etc.
  • Partner with IT Operations teams on current and future log source ingestion and parsing into SIEM and SOAR environments
  • Technical project management for software upgrades and maintenance using the Agile framework
  • Engineer and deploy sophisticated security detection solutions, including agentic AI to assist in security incident triage and remediation, leveraging expertise in Generative AI (GenAI), Large Language Models (LLMs) and Retrieval-Augmented Generation (RAG), while adhering to and implementing the Model Context Protocol (MCP) for secure and reliable model operations