Grc Risk Analyst Jobs in Michigan (NOW HIRING)

We are seeking a Technical Risk Engineer with strong technical acumen to design, prioritize, and enable risk-reducing technical solutions across complex cloud and enterprise environments. This role emphasizes solution engineering over process engineering-using risk frameworks, policies, and controls as inputs to architect practical, automatable, and scalable technical safeguards.

The ideal candidate thinks like an engineer first and a risk professional second: someone who understands how systems fail, how controls can be enforced through code and architecture, and how risk intent is translated into resilient technical designs.

Preferred Technical Skills

• Cloud Platforms: Google Cloud Platform (GCP)
• Automation & API Development: Proficiency in Python or Java and Ansible for scripting, with hands-on experience in API development (RESTful) 
• Infrastructure as Code: Terraform (required)
• Data & Analytics: GCP BigQuery, Power BI (or similar) to visualize risk posture & evidence.

• Backup, recovery, and resilience solution architectures

• Isolated Recovery Environment (IRE) design and implementation in GCP

• Supporting Knowledge (nice to have):
  • GRC and/or Security Domain expertise
  • CI/CD pipelines and policy-as-code
  • Cloud IAM, networking, and control planes
  • Observability, logging, and evidence automation
  • GRC Platforms: Archer, ServiceNow
  • ITIL-based IT Service Management (ITSM)
  • Familiarity with Agentic AI Frameworks

Required Qualifications

• Requires a bachelor's or foreign equivalent degree in computer science, information technology or a technology related field
• 7+ years in IT operations & engineering, security engineering, platform engineering, SRE, or technical risk roles

• Backup, recovery, and resilience solution architecture implementations, especially IRE's.

• Proven ability to design and influence technical solutions across teams
• Strong understanding of how risk manifests in distributed systems, cloud platforms, and automation
• Comfortable operating between engineering teams and risk stakeholders
• Ability to explain complex technical risk concepts to non-technical audiences without losing fidelity

You may not check every box, or your experience may look a little different from what we've outlined, but if you think you can bring value to Ford Motor Company, we encourage you to apply!

As an established global company, we offer the benefit of choice. You can choose what your Ford future will look like: will your story span the globe, or keep you close to home? Will your career be a deep dive into what you love, or a series of new teams and new skills? Will you be a leader, a changemaker, a technical expert, a culture builder...or all of the above? No matter what you choose, we offer a work life that works for you, including:

• Immediate medical, dental, and prescription drug coverage
• Flexible family care, parental leave, new parent ramp-up programs, subsidized back-up child care and more
• Vehicle discount program for employees and family members, and management leases
• Tuition assistance
• Established and active employee resource groups
• Paid time off for individual and team community service
• A generous schedule of paid holidays, including the week between Christmas and New Year's Day
• Paid time off and the option to purchase additional vacation time.

For a detailed look at our benefits, click here: Benefit Summary 

This position is a salary grade 8. 

This position is a salary grade 8 and ranges from $96,720-162,120.

*Visa Sponsorship is provided for this role*

Candidates for positions with Ford Motor Company must be legally authorized to work in the United States. Verification of employment eligibility will be required at the time of hire.

We are an Equal Opportunity Employer committed to a culturally diverse workforce. All qualified applicants will receive consideration for employment without regard to race, religion, color, age, sex, national origin, sexual orientation, gender identity, disability status or protected veteran status. In the United States, If you need a reasonable accommodation for the online application process due to a disability, please call 1-888-336-0660.
 

#LI-Remote

#LI-GH2

Preferred Technical Skills

• Cloud Platforms: Google Cloud Platform (GCP)
• Automation & API Development: Proficiency in Python or Java and Ansible for scripting, with hands-on experience in API development (RESTful) 
• Infrastructure as Code: Terraform (required)
• Data & Analytics: GCP BigQuery, Power BI (or similar) to visualize risk posture & evidence.

• Backup, recovery, and resilience solution architectures

• Isolated Recovery Environment (IRE) design and implementation in GCP

• Supporting Knowledge (nice to have):
  • GRC and/or Security Domain expertise
  • CI/CD pipelines and policy-as-code
  • Cloud IAM, networking, and control planes
  • Observability, logging, and evidence automation
  • GRC Platforms: Archer, ServiceNow
  • ITIL-based IT Service Management (ITSM)
  • Familiarity with Agentic AI Frameworks

Required Qualifications

• Requires a bachelor's or foreign equivalent degree in computer science, information technology or a technology related field
• 7+ years in IT operations & engineering, security engineering, platform engineering, SRE, or technical risk roles

• Backup, recovery, and resilience solution architecture implementations, especially IRE's.

• Proven ability to design and influence technical solutions across teams
• Strong understanding of how risk manifests in distributed systems, cloud platforms, and automation
• Comfortable operating between engineering teams and risk stakeholders
• Ability to explain complex technical risk concepts to non-technical audiences without losing fidelity

Key Responsibilities

• Engineer technical risk solutions that reduce operational, cyber, and resilience risk through architecture, automation, and control design.
• Translate risk requirements, policies, and standards into implementable technical patterns, guardrails, and reference architectures.
• Prioritize and influence solution design decisions based on risk impact, blast radius, and recovery dependencies.
• Partner with platform, cloud, security, and SRE teams to embed risk controls directly into infrastructure and pipelines.
• Evaluate control effectiveness using technical signals and evidence, not just procedural compliance.
• Support initiatives such as secure cloud architecture, isolated recovery environments, identity and access hardening, and infrastructure resilience.
• Provide technical guidance on risk tradeoffs, recovery sequencing, and dependency-aware system design.
• Contribute to lightweight process definition where needed-but always in service of enabling better technical outcomes.