Director - Vehicle and Connected Services Monitoring

This leadership role within the Vehicle and Connected Cybersecurity organization is responsible to lead the "eyes and ears" of the company. You will lead a global team of experts tasked with monitoring trillions of signals from vehicle telematics, embedded systems, and cloud-native application stacks, ensuring that millions of connected vehicles and the cloud services that power them are continuously protected against sophisticated global threats. Your mandate covers the entire lifecycle of a threat—from proactive intelligence gathering and managing global bug bounty programs to real-time detection engineering and high-stakes incident response. As a key leader in the Ford+ transformation, you will bridge the gap between Product Development, Model e, Ford Pro, and Enterprise IT to ensure a unified, world-class defense posture. Global Vehicle & Application Monitoring (VSOC/ASOC Operations): Directing 24/7 monitoring for Ford’s global connected fleet and digital services, ensuring operational excellence with high-fidelity visibility across geographies, and overseeing the analysis of vast signals from vehicle telematics, embedded systems, and cloud-native applications. Analysis & Incident Response (CIRT Partnership): Serving as the primary executive lead for security incidents involving vehicles or connected services, partnering with the corporate Incident Response Team (CIRT), directing forensic analysis on vehicle-specific protocols (CAN, Automotive Ethernet) and cloud/mobile application stacks, and developing rapid-response playbooks including Over-the-Air (OTA) security mitigations. Monitoring Development & Detection Engineering: Leading teams to build advanced detection logic, behavioral heuristics, and Machine Learning (ML) models for automotive attack patterns, driving the implementation of Security Orchestration, Automation, and Response (SOAR) platforms, and integrating data science for anomaly detection. Product Threat Intelligence: Building and leading a dedicated capability to track threat actors targeting the automotive sector, EV charging infrastructure, and fleet management tools, translating intelligence into proactive defense strategies, and representing Ford in industry forums like Auto-ISAC. Threat Hunting & Bug Bounty Program: Leading a specialized hunt team to identify hidden threats and vulnerabilities, overseeing Ford’s Coordinated Vulnerability Disclosure (CVD) and Bug Bounty programs, and aligning insights with internal red-teaming and secure-coding priorities. Executive Leadership & Qualifications: Defining and executing a global monitoring roadmap aligned with Ford’s software-centric transition, acting as the primary authority for operational cyber risks, leading and mentoring a global organization, and influencing cross-functional partners You may not check every box, or your experience may look a little different from what we've outlined, but if you think you can bring value to Ford Motor Company, we encourage you to apply! As an established global company, we offer the benefit of choice. You can choose what your Ford future will look like: will your story span the globe, or keep you close to home? Will your career be a deep dive into what you love, or a series of new teams and new skills? Will you be a leader, a changemaker, a technical expert, a culture builder…or all of the above? No matter what you choose, we offer a work life that works for you, including: