At BrightDrop, we are reshaping e-commerce by developing smarter, greener, and more efficient ways to deliver goods and services to your door, while delivering a brighter future for the cities where we live. We are building an ecosystem of all-electric, zero-emissions delivery solutions – from electric vehicles, to ePallets and software that leverages real-time data to drive intelligent optimizations for e-commerce. To deliver on our mission we are growing fast and building a team -- based in Palo Alto, with offices in Atlanta and Detroit -- that is customer-focused, agile and passionate about innovating for a more sustainable future.
From engineering to product management and operations, BrightDrop is looking for people who can combine a passion for technology and sustainability with high doses of curiosity and rigorous thinking to deliver a better future.
Backed by General Motors, BrightDrop is striving to improve the communities where we live and deliver a better future for generations to come. We hope you’ll join us.
The Product Security team at BrightDrop ensures the security of our products and services and are the domain experts for our engineering and IT teams to protect our customers’ data in today’s dynamic threat landscape. We are a team of highly skilled security engineers that specialize in security research, penetration testing, and security architecture. We evaluate a broad range of technologies including sophisticated web applications, IoT platforms, distributed processing, Cloud environments and isolation of entrusted code.
As a Sr DevSecOps Engineer, you will be responsible for the implementation of security solutions in all aspects of Security. Work closely with product and platform teams to engineer and implement security controls with a focus on DevSecOps and automation.
Roles and Responsibilities
Assist in developing an automated framework for Security tool deployment and development, using various scripting languages and open source/ commercial solutions to support product security and Cloud
Implement and manage Vulnerability Management Platform
Provide vulnerability remediation strategies to engineering teams and verify security patches.
Implement innovative solutions to scale the program with emphasis on automation where applicable.
Work closely with engineering teams to ensure we are considering security when architecting and building new systems.
Act as internal DevSecOps enthusiast, demonstrating the benefits of embedding security and compliance into DevOps
Develop procedures to automate security and compliance checks during code builds and deployments
Write and maintain relevant documentation
Masters or Bachelor’s degree in Computer Science or EE is required
8+ years of experience working in application development environment, application/product security and cloud security
4+ years of experience in designing and developing automation
Experience in automated testing of web applications and web services in a fast paced and agile environment
Passion for DevOps and strong skills in at least one scripting language (Ruby/Python or equivalent)
Proficient in coding in any programming language.
Experience with CI/CD - Deployment pipeline (Jenkins, Ansible, Terraform)
Experience in integrating Security Tools with CI/CD Pipeline
Experience in security technologies including, SAST, SCA, DAST, CSPM, CWPP and Container Scanner Solutions
Experience in OWASP Top 10, SANS Top 25 and Cloud Security Controls
Strong knowledge of technology and security topics including network and application security, infrastructure hardening, security baselines, web server, and database security
Azure Cloud experience is a plus
Our vision is a world with Zero Crashes, Zero Emissions and Zero Congestion and we embrace the responsibility to lead the change that will make our world better, safer and more equitable for all.
Why Join Us
We aspire to be the most inclusive company in the world. We believe we all must make a choice every day – individually and collectively – to drive meaningful change through our words, our deeds and our culture. Our Work Appropriately philosophy supports our foundation of inclusion and provides employees the flexibility to work where they can have the greatest impact on achieving our goals, dependent on role needs. Every day, we want every employee, no matter their background, ethnicity, preferences, or location, to feel they belong to one General Motors team.
The goal of the General Motors total rewards program is to support the health and well-being of you and your family. Our comprehensive compensation plan incudes, the following benefits, in addition to many others:
• Paid time off including vacation days, holidays, and parental leave for mothers, fathers and adoptive parents;
• Healthcare (including a triple tax advantaged health savings account and wellness incentive), dental, vision and life insurance plans to cover you and your family;
• Company and matching contributions to 401K savings plan to help you save for retirement;
• Global recognition program for peers and leaders to recognize and be recognized for results and behaviors that reflect our company values;
• Tuition assistance and student loan refinancing;
• Discount on GM vehicles for you, your family and friends.
General Motors is committed to being a workplace that is not only free of discrimination, but one that genuinely fosters inclusion and belonging. We strongly believe that workforce diversity creates an environment in which our employees can thrive and develop better products for our customers. We understand and embrace the variety through which people gain experiences whether through professional, personal, educational, or volunteer opportunities. GM is proud to be an equal opportunity employer.
We encourage interested candidates to review the key responsibilities and qualifications and apply for any positions that match your skills and capabilities.
Equal Employment Opportunity Statements
The policy of General Motors is to extend opportunities to qualified applicants and employees on an equal basis regardless of an individual's age, race, color, sex, religion, national origin, disability, sexual orientation, gender identity/expression or veteran status. Additionally, General Motors is committed to being an Equal Employment Opportunity (EEO) Employer and offers opportunities to all job seekers including individuals with disabilities. If you need a reasonable accommodation to assist with your job search or application for employment, email us at Careers.Accommodations@GM.com or call us at 800-865-7580. In your email, please include a description of the specific accommodation you are requesting as well as the job title and requisition number of the position for which you are applying.