Senior Full Stack Product Developer

The Cyber Security Platforms team, Ford Business Solutions, India is seeking a passionate and creative Full stack Product Developer who can develop UI / self-service portals, automate manual tasks, develop APIs and work on critical security tools used to protect Ford’s most sensitive security systems. The interested candidate should have experience in API development using Java or Phyton, UI development using Angular JS or React JS, good understanding on CI/CD process, Anti-malware, Endpoint protection, XDR, IPS/IDS tools, working with SaaS platforms (such as MS Defender, Proofpoint for Email Security) & their APIs, cloud computing (GCP, AWS, Azure). 

This role demands a unique combination of high-skill in security for AI, full stack product development, cloud experience blended with platform engineering capabilities to mature the AI Security platform/tools. 

This role is responsible for designing, implementing, automating security products that support enterprise cybersecurity operations. 

This role is also responsible for securing the in-house & public AI and ML/DL systems against cyber threats, adversarial attacks, and data breaches. This specialist combines expertise in cybersecurity and AI/ML to design, implement, and maintain security frameworks, ensuring the integrity, confidentiality, and compliance of AI-driven solutions throughout their lifecycle. This also involves collaboration with cross-functional, stakeholders and AI Engineers to build and deploy enterprise-wide AI security framework.

YOUR TYPICAL DAY HERE WOULD BE:

• Design / Develop security products with Self-Service portals (UI), security central websites using Angular JS, React JS, Backstage and backed APIs using Java or Python 

• Develop CI-CD pipelines on Tekton and deploy to GCP cloud.

• Work with product managers, SMEs, anchors to create prototypes, perform PoCs

• Collaborate with Platform vendors to understand their APIs, integration patterns to automate deployments / manual tasks.

• Automate testing using Playwright, postman

• Work with various infrastructure and application support teams to provide technical direction and address security issues.

• Design, test, and implement security policies for critical Enterprise Infrastructure.

• Automate repeatable tasks and workflows to improve process efficiency by developing APIs/scripts and deploying to the cloud.

• Implement SRE for Platform services, capabilities/features to achieve availability and reliability. 

• Secure in-house and public AI and ML/DL/LLM/Agents/MCP systems against cyber threats, adversarial attacks, and data breaches across the solution lifecycle.

• Design and implement robust security platforms supporting enterprise security needs (e.g., unified telemetry pipeline like BindPlane, SIEM like QRadar, SecOps, and AI security).

• Define and maintain guidelines and controls to secure AI systems, including data protection, model security, and compliance requirements.

• Apply established frameworks as references/baselines (e.g., Google Secure AI Framework (SAIF), NIST AI Risk Management Framework, Framework for AI Cybersecurity Practices (FAICP)).

• Identify, assess, and mitigate AI-specific security risks (adversarial attacks, data poisoning, model inversion, unauthorized access).

• Conduct vulnerability assessments and penetration testing on AI models and data pipelines.

• Ensure AI data is encrypted, anonymized, and securely stored.

• Implement access controls for sensitive AI data and models (RBAC, ABAC, Zero Trust).

• Protect AI models from tampering, theft, and adversarial manipulation during training and deployment.

• Monitor and log AI system activity for anomalies and security incidents.

• Develop and enforce policies to align AI systems with industry regulations, ethical standards, and organizational governance requirements.

• Develop automated workflows and scripts to enhance security platform functionality and scalability, improving operational efficiency.

• Manage timely patching and upgrades to security tools and systems to reduce downtime and minimize vulnerabilities.

• Configure alerting systems for security threats and enable real-time monitoring for observability.

• WHAT YOUR SKILLSET LOOKS LIKE:

• A relevant Bachelor's or Master’s Degree in engineering/computer applications
• 4+ years of experience in Product development with UI (Angular JS, React, Backstage) and API development (Python Flask or FastAPI or Java)
• 4+ years of experience in security engineering, platform engineering, and AI/ML, including experience in large, complex environments, such as:
•  Managing security platforms and tools in enterprise environments
•  Telemetry pipeline platforms (e.g., BindPlane), SIEM (e.g., Splunk, QRadar), and vulnerability management tools
• 4+ years of Experience in development of CI-CD pipelines
• 4+ years of experience with GCP or Azure or AWS cloud and configuring infrastructure using infrastructure-as-a-code libraries like Terraform, Ansible, etc.
•  Container security (Docker, Kubernetes)
•  Networking protocols, firewalls, and network security best practices
•  AI/ML concepts, architectures, and AI security challenges
•  AI threat areas (adversarial attacks, data poisoning, model inversion, unauthorized access)
•  Vulnerability assessment and penetration testing on AI models and data pipelines
•  Data protection techniques (encryption, anonymization, secure storage) and secure access management (RBAC, ABAC, Zero Trust)
•  Incident response, monitoring tools, and threat intelligence platforms
•  Security frameworks and compliance references (SAIF, NIST, FAICP)
• Experience working in an Agile development environment.
• Knowledge of cybersecurity principles, practices, and technologies. 

• WOULD BE GREAT IF YOU ALSO BRING:

• Certifications:

  • GCP cloud certification or equivalent in AWS or Azure (preferred).

  • Cyber Security Certifications 

  • Experience with SaaS products

  • Preferred certifications such as CAISF, AICERTs, AI for Cybersecurity Specialization, or equivalent.

          Additional cybersecurity certificates (preferred)