Senior Security Platform Engineer (Identity and Access Management)

We are seeking a highly skilled and experienced Security Platform Engineer to play a key role in the implementation of the next-generation Enterprise Identity and Access Management (IAM) platform. This role involves leveraging multiple capabilities, including but not limited to Microsoft EntraID, GCP development platform, and other enterprise tooling. The successful candidate will be responsible for designing, developing, and maintaining Ford’s Access Management and Authorization platform, which is critical for securing our resources and ensuring seamless access for our users.

The security platform engineer will contribute to the engineering, delivery, and 24/7 support of Identity and Access Management highly available solutions.  The successful candidate will work closely with other Ford teams (business teams, cyber security, application teams and other security teams) and our partners to ensure the Enterprise Access Management and Authorization platform provides the secure, premium customer experience required to deliver the Ford focus areas.  The position requires an individual with a continuous improvement mindset who is driven by the pursuit of operational excellence with the fortitude to build technical prowess to navigate complex Identity and Access Management ecosystem, networking security compliance, and software development. 

Are you seeking a role that helps drive modernization, simplification, security compliance, and operational excellence through cloud adoption across a large enterprise? Ford’s Security Services team is seeking an experienced professional to enable our organization to take advantage of new and emerging technologies through the use of Azure cloud services.

If you are a passionate and experienced professional with a strong background in Identity and Access Management and the desire to work hands-on in implementing the next-generation IAM platform, we encourage you to apply and join our team.

What you’ll do…

• Strategy: in close collaboration with other security platforms leads, contribute to the development and implementation of Identity and Access Management strategies and roadmap. 
• System Design: Collaborate closely with IAM portfolio product owners, SMEs, and security product teams to define modernization path, architecture and design of the IAM platform, utilizing EntraID identity infrastructure and entitlement management capabilities effectively.
• Development: Engage in delivery of tactical and strategic IAM solutions, including analysis, design, and implementation with focus of improving security posture.  Oversee the development of high-quality, maintainable code in accordance with best practices.
• Security: Ensure the IAM platform is designed with security in mind. Implement robust authentication and authorization mechanisms and work closely with the security & access control stakeholders to mitigate potential risks.
• Integration: Integrate Enterprise IAM platform with various systems and services, both within the organization and with external partners, to provide seamless and secure access control.
• Application Transformation: Partner with application teams levering Enterprise Identity and Access Management platform to ensure services are consumable by app and cloud migration teams to allow for modernization of existing integration and access controls within traditional applications.
• Scalability: Design the IAM platform to be scalable to meet the organization’s growing needs. Implement performance optimizations to ensure efficient operation.
• Documentation: Create and maintain technical documentation, including architecture diagrams, API documentation, and coding standards.
• Collaboration: Collaborate with cross-functional teams, including security, IT, and application development teams, to ensure the IAM platform aligns with the organization’s overall goals.
• Troubleshooting and Support: Provide technical support and troubleshooting assistance to resolve issues related to the IAM platform. Develop and maintain monitoring and alerting systems.
• Stay Current: Keep up-to-date with the latest IAM and Microsoft entitlement management technologies, trends, and best practices, and apply them to improve the platform.

You’ll have…

• Bachelor’s degree in Computer Science, Engineering, or a related field.
• Minimum 8 years of hands-on experience with Microsoft Azure cloud platform, Active Directory, GCP, OAuth, and SAML, App Services, API management.
• Minimum 5 years of hands-on experience delivering secure, always-on identity solutions.

Even better, you may have…

• Master’s degree
• Proven experience in designing, building, implementing, analyzing, and troubleshooting distributed, large-scale, highly available security systems.
• Expertise in Identity and Access Management and Authorization security domain.  Solid understanding of security principles and best practices related to Identity and Access Management.
• Strong knowledge of Microsoft entitlement management or related IAM technologies.
• Proficiency in programming languages like C#, .NET, Java, and related technologies.
• Agile experience for the software delivery methodology.
• Ability to leverage CI and CD tools to automate testing and deployment.
• Hands-on experience with Site Reliability Engineering (SRE) and Dynatrace. 
• Demonstrated ability to work collaboratively to identify and solve problems with a globally dispersed and diverse team. 
• Demonstrated dedication to continuous improvement and operational excellence.
• Demonstrated strong verbal, interpersonal, and written skills with the ability to work directly with business customers and application teams for gathering information and troubleshooting.
• Demonstrated ability to explain complex technical concepts to a variety of audiences (e.q. team members, business partners, senior management)
• Demonstrated ability to work under pressure, meet strict deadlines, challenge the status quo, and manage ambiguity. 
• Excellent problem-solving and troubleshooting skills.
• Strong communication and interpersonal skills to work effectively with cross-functional teams.
• Self-starter, ability to take initiative. 
• Professional certification related to a cloud technology and/or certifications in IAM or related fields (e.g., AZ-900: Azure fundamentals, CISSP, CISM, Microsoft Certified: Identity and Access Administrator) are a plus.

You may not check every box, or your experience may look a little different from what we’ve outlined, but if you think you can bring value to Ford Motor Company, we encourage you to apply!

As an established global company, we offer the benefit of choice. You can choose what your Ford future will look like: will your story span the globe, or keep you close to home? Will your career be a deep dive into what you love, or a series of new teams and new skills? Will you be a leader, a changemaker, a technical expert, a culture builder…or all of the above? No matter what you choose, we offer a work life that works for you, including:

• Immediate medical, dental, and prescription drug coverage

• Flexible family care, parental leave, new parent ramp-up programs, subsidized back-up child care and more

• Vehicle discount program for employees and family members, and management leases

• Tuition assistance

• Established and active employee resource groups

• Paid time off for individual and team community service

• A generous schedule of paid holidays, including the week between Christmas and New Year’s Day

• Paid time off and the option to purchase additional vacation time.

For a detailed look at our benefits, click here: Benefit Summary

Visa sponsorship is available for this position.

Candidates for positions with Ford Motor Company must be legally authorized to work in the United States. Verification of employment eligibility will be required at the time of hire.

We are an Equal Opportunity Employer committed to a culturally diverse workforce. All qualified applicants will receive consideration for employment without regard to race, religion, color, age, sex, national origin, sexual orientation, gender identity, disability status or protected veteran status. In the United States, if you need a reasonable accommodation for the online application process due to a disability, please call 1-888-336-0660.

#LI-Hybrid