Palo Alto, CA, 94301, USA
5 hours ago
Security Compliance Engineer
**In this role…**

The Ford Cloud Platform Engineering (CPE) team oversees the Ford Connected Vehicle Cloud, including the Transport Mobility Cloud (TMC) and its integrated application ecosystem. TMC serves as Ford’s global Connected Vehicle Cloud Platform, supporting over 21 million vehicles in production worldwide. The Security Compliance Engineer will partner closely with Cloud Engineering, DevOps, and Security teams to guarantee the secure operation and maintenance of our microservices-based cloud platforms, aligning them with ISO 27001 and SOC 2 Type 2 standards. This role is central to leading compliance initiatives from start to finish, ensuring robust protection of customer data within our application services and full-stack infrastructure, and securing ongoing regulatory readiness.

**What you'll do…**

+ Compliance Management:
  + Own the end-to-end lifecycle of ISO 27001 and SOC 2 Type 2 compliance.
  + Lead internal and external audit processes, ensuring timely evidence collection, gap analysis, and remediation tracking.
  + Maintain the Information Security Management System (ISMS) and related documentation.
  + Collaborate with external auditors, legal, and risk management teams to ensure audit success and continuous compliance.
+ Security Governance & Risk Management:
  + Develop, implement, and maintain security policies, procedures, and controls aligned with industry standards (e.g., NIST, CIS, GDPR).
  + Perform regular risk assessments and ensure risks are mitigated appropriately across infrastructure, storage, messaging, networking, and Kubernetes environments.
  + Conduct security and compliance training for internal stakeholders.
+ Cloud Infrastructure & Application Oversight:
  + Work closely with DevOps and platform teams to ensure secure deployment practices across:
    + Kubernetes and Containerization
    + Kafka messaging systems
    + Cloud-based databases and object storage
    + Network configurations and ingress/egress controls
  + Validate that appropriate monitoring, logging, and incident response mechanisms are in place.
+ Continuous Improvement:
  + Monitor evolving regulatory and industry landscapes and update compliance posture accordingly.
  + Champion automation for compliance tasks (e.g., evidence gathering, configuration monitoring, and drift detection).
  + Foster a culture of security and compliance throughout the development lifecycle.

**You'll have…**

+ Bachelor's or Master's degree in Computer Science, Information Security, a related technical field or equivalent combination of relevant education and experience.
+ 6 years of professional experience in information security, compliance, or a related domain.
+ 2 years of experience using compliance automation tools (e.g., Drata, Vanta, Tugboat Logic).
+ 2 years of experience with DevSecOps best practices and secure software development lifecycles.

**Even better, you may have...**

+ Possession of at least one relevant industry certification, such as CISA, CISM, CISSP, or ISO 27001 Lead Implementer/Auditor.

You may not check every box, or your experience may look a little different from what we've outlined, but if you think you can bring value to Ford Motor Company, we encourage you to apply!

As an established global company, we offer the benefit of choice. You can choose what your Ford future will look like: will your story span the globe, or keep you close to home? Will your career be a deep dive into what you love, or a series of new teams and new skills? Will you be a leader, a changemaker, a technical expert, a culture builder…or all of the above?
No matter what you choose, we offer a work life that works for you, including:

• Immediate medical, dental, vision and prescription drug coverage
• Flexible family care days, paid parental leave, new parent ramp-up programs, subsidized back-up child care and more
• Family building benefits including adoption and surrogacy expense reimbursement, fertility treatments, and more
• Vehicle discount program for employees and family members and management leases
• Tuition assistance
• Established and active employee resource groups
• Paid time off for individual and team community service
• A generous schedule of paid holidays, including the week between Christmas and New Year’s Day
• Paid time off and the option to purchase additional vacation time.

For more information on salary and benefits, click here:
https://fordcareers.co/GSRSP4
https://fordcareers.co/GSRSP2

This position is a range of salary grades 6-8.

Visa sponsorship is not available for this position. Ford will not be offering a relocation package for this position. Candidates for this role are expected to either reside within commuting distance of our Dearborn, MI, Palo Alto, CA, or Long Beach, CA offices or be able to relocate independently without financial assistance from the company.

Candidates for positions with Ford Motor Company must be legally authorized to work in the United States. Verification of employment eligibility will be required at the time of hire.

We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, age, sex, national origin, sexual orientation, gender identity, disability status or protected veteran status. In the United States, if you need a reasonable accommodation for the online application process due to a disability, please call 1-888-336-0660.

Onsite work of up to four days per week may be required for candidates within commuting distance of a Ford hub location.
#LI-Hybrid

**Requisition ID**: 49238