The Product Security team at BrightDrop ensures the security of our products and services and are the domain experts for our engineering and IT teams to protect our customers’ data in today’s dynamic threat landscape. We are a team of highly skilled security engineers that specialize in security research, penetration testing, and security architecture. We evaluate a broad range of technologies including complex web applications, IoT platforms, distributed processing, Cloud environments and isolation of trusted code.
As Sr. Manager of Product Security reporting directly to CISO, you will manage and develop a team of security engineers passionate about our entire product portfolio. Your passion for security, ability to connect with and encourage your team, and in-depth knowledge of Product Security and Cloud Security will ensure that you deliver high impact results.
Manage the overall Product Security Program. Execute on compelling security strategy across a portfolio of Products.
Improve overall security awareness and instill a culture of secure software development throughout the engineering organization. Prescribe and manage ongoing defensive programming training program for engineering teams.
Maintain strong knowledge of ongoing security threats, remediation and operational standard methodologies.
Guide the Engineering organization's security and privacy initiatives by participating in design reviews and threat modeling sessions.
Manage Threat Modeling and Penetration testing programs.
Manage Product Security Operations Center (SOC)
Participate in incident response and vulnerability remediation efforts. Maintain the vulnerability management system and ensure compliance on SLAs for security bugs with engineering teams.
Ensure necessary compliance for all products.
B.S. / M.S. in Computer Science, Electrical Engineering or related experience.
At least 8+ years of experience in Product Security and at least 3 years of experience managing a team of highly skilled Product Security and Cloud Security engineers.
Demonstrated success and influence in the Product Security and Cloud Security space.
Experience defining security policy, technology requirements, and control objectives.
Experience successfully rolling out and maturing Secure SDLC program.
Demonstrated experience crafting effective security strategies. Strong influencing, communication and general interpersonal skills. Ability to deliver high impact results for Product Security and secure development.
In-depth experience identifying and protecting against web application and web service security vulnerabilities including those found in the OWASP Top 10 and CWE Top 25.
Expert knowledge of secure infrastructure architectures, application architectures, encryption, Cloud Security and broader security technologies.
Strong quantitative and analytical skills, proven ability to track and successfully complete complex security programs. Strong influencing skills with an ability to motivate and drive others to succeed.
The expected base compensation for this role is: (167,040 - 255,845 USD Annual). Actual base compensation within the identified range will vary based on factors relevant to the position.
Bonus Potential: An incentive pay program offers payouts based on company performance, job level, and individual performance.
Benefits: GM offers a variety of health and wellbeing benefit programs. Benefit options include medical, dental, vision, Health Savings Account, Flexible Spending Accounts, retirement savings plan, sickness and accident benefits, life insurance, paid vacation & holidays, tuition assistance programs, employee assistance program, GM vehicle discounts and more.
Our vision is a world with Zero Crashes, Zero Emissions and Zero Congestion and we embrace the responsibility to lead the change that will make our world better, safer and more equitable for all.
Why Join Us
We aspire to be the most inclusive company in the world. We believe we all must make a choice every day – individually and collectively – to drive meaningful change through our words, our deeds and our culture. Our Work Appropriately philosophy supports our foundation of inclusion and provides employees the flexibility to work where they can have the greatest impact on achieving our goals, dependent on role needs. Every day, we want every employee, no matter their background, ethnicity, preferences, or location, to feel they belong to one General Motors team.
Total Rewards | Benefits Overview
From day one, we're looking out for your well-being–at work and at home–so you can focus on realizing your ambitions. Learn how GM supports a rewarding career that rewards you personally by visiting Total Rewards resources.
General Motors is committed to being a workplace that is not only free of discrimination, but one that genuinely fosters inclusion and belonging. We strongly believe that workforce diversity creates an environment in which our employees can thrive and develop better products for our customers. We understand and embrace the variety through which people gain experiences whether through professional, personal, educational, or volunteer opportunities. GM is proud to be an equal opportunity employer.
We encourage interested candidates to review the key responsibilities and qualifications and apply for any positions that match your skills and capabilities.
Equal Employment Opportunity Statements
The policy of General Motors is to extend opportunities to qualified applicants and employees on an equal basis regardless of an individual's age, race, color, sex, religion, national origin, disability, sexual orientation, gender identity/expression or veteran status. Additionally, General Motors is committed to being an Equal Employment Opportunity (EEO) Employer and offers opportunities to all job seekers including individuals with disabilities. If you need a reasonable accommodation to assist with your job search or application for employment, email us at Careers.Accommodations@GM.com or call us at 800-865-7580. In your email, please include a description of the specific accommodation you are requesting as well as the job title and requisition number of the position for which you are applying.