[Skip To Content]

Ecosystem Cybersecurity Architect

  • 위치
    • Austin, Texas
    • Warren, Michigan
  • 일정 Full time
  • 게시됨

설명

Work Arrangement

This role is categorized as hybrid. This means the successful candidate is expected to report to GM Global Technical Center in Warren, Michigan three times per week, at minimum.

The Role

The Ecosystem Cybersecurity Architect brings together complex and converging across General Motors and third-party ecosystems to secure technologies. Through a holistic view of cybersecurity of customer-facing products and services to surface interconnected risks, illuminate digital dependencies, and define roles and responsibilities. Through broad cross-functional ability to execute global cybersecurity strategy by fostering collaboration, increasing awareness, and enhancing engagement.

Together our partners and Cybersecurity Risk Management team seek opportunities to assess tasks, plan, and execute on time. Our role is pivotal in the enterprise practices around cybersecurity with exposure to senior leaders around the organization. Driving the corporate and industry facing GM Cybersecurity strategy and leadership to encompass our customers, products, and assets.

What You’ll Do (Responsibilities)

Analyze & Align

  • Execute the end-to-end evaluation of products, services, and solutions that align with business and customer needs

  • Pioneer the assessment and understanding of risks, threats, and exploits at an ecosystem level to enable risk-informed decisions

  • Examine new and existing product, systems, and interfaces to decide the efficacy of cybersecurity programs

  • Drive ecosystem threat modeling, risk assessment, and penetration testing and advise on proper mitigations

  • Understand where data interdependencies live across the ecosystem

Lead & Enrich

  • Spearhead GM’s cybersecurity center of excellence and devise a holistic cybersecurity strategy

  • Develop an ecosystem methodology that considers customer needs, business advancements, and external requirements

  • Enable sustainable GM Value Streams, to promote secure practices and advocate for a cybersecurity-by-design culture

  • Broaden cybersecurity risk management and advise business, technology, and cybersecurity stakeholders and executive leadership

Govern & Guide

  • Research emerging technologies and methodologies to increase GM’s ability to mitigate unconventional threat vectors

  • Engage with third-parties, partners, and industry to evolve domain-focused security solutions

  • Monitor changes in technology, the industry, and regulatory landscapes to keep GM Cybersecurity aware of emerging threats and risks

  • Establish ecosystem cybersecurity metrics and define Key Performance Indicators, standards, processes, and procedures

Develop & Coach

  • Guidelines, standards, patterns, cybersecurity principles, findings and lessons learned

  • Product/Service-focused ecosystem architecture models (relational, interaction diagrams) including

  • End-to-end information flow

  • Risks, attack paths, and mitigations

  • Privacy, standards, and regulatory compliance

  • Skills, capabilities, and technologies

  • Ecosystem security models and roadmaps

  • Inventories, asset registers, ownership, roles and responsibilities

[Additional Description]

Your Skills & Abilities (Required Qualifications)

  • Bachelor’s Degree or equivalent work experience (10 years+) in cybersecurity with a focus on security architecture, identity & access management and solutions architecture in large, complex technical environments

Technical Experience

  • Demonstrable experience designing or managing a corporate cybersecurity and compliance program(s)

  • Experience with on-premises, hosted, and cloud services supporting products and services requiring a converged approach

  • Extensive knowledge in security principles, such as encryption/key management, network design, access control and incident containment

  • Familiar with information, embedded, and operational technology disciplines, intersections, and security solutions

  • Thorough understanding of security principles, such as encryption/key management, network design, access control and incident containment

  • Knowledge of the regulatory landscape and intricacies related to industry cybersecurity standards and best practices ( examples include: NIST CSF, SSDF, NIST 800-53, ISO 270001/2, ISO/IEC 15.x.x, NHTSA Best Practices, ISO/SAE 21434, SOC2, etc ) and state privacy laws

  • Industry certifications, such as Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), GIAC Security Essentials (GSEC), Certified Information Security Manager (CISM), or other.

  • Experience with policy/standard creation and acceptance

Interpersonal Experience

  • Excellent communication and collaboration skills, including the ability to lead without authority, resolve cross-team issues, effectively communicate changes, and interact with team members at all levels from the end-user to senior leadership

  • Exhibit creative and analytical thinking to evaluate situations objectively, work independently with minimum direction in a fast-paced environment, and collaborate effectively

  • Superb communicator to serve as primary liaison between business and technical teams

  • A growth mindset and willingness to learn and continuously improve

  • Thorough understanding of risk management principles and processes

  • Capable of decisions and recommendations while considering tradeoffs between conflicting objectives

  • Business acumen and management skills; personable, approachable, empathetic; proved managerial courage

  • Exhibit leadership in cross-functional teams to develop, implement, and test cross-domain solutions

  • Strong teamwork, project management, and team-building skills and the potential to direct teams and push projects across various departments

What Will Give You a Competitive Edge (Preferred Qualifications)

  • Experience in more than one domain of cybersecurity (IT, Manufacturing, Product)

  • Proficient in architecture frameworks (TOGAF, Zachman)

  • 15 years of overall automotive or technology experience

  • Strong knowledge and experience of on-premises, hosted, and cloud security; industry cybersecurity standards and best practices listed above

This position requires the ability to legally operate a motor vehicle on a regular basis and successfully complete a Motor Vehicle Report review.

GM DOES NOT PROVIDE IMMIGRATION-RELATED SPONSORSHIP FOR THIS ROLE. DO NOT APPLY FOR THIS ROLE IF YOU WILL NEED GM IMMIGRATION SPONSORSHIP (e.g., H-1B, TN, STEM OPT, etc) NOW OR IN THE FUTURE.

#LI-KR1

다양성 정보

General Motors는 법적으로 금지된 차별을 배제하는 것은 물론 포용성과 소속감을 진정으로 장려하는 직장이 되기 위해 노력하고 있습니다. 당사는 다양성이 보장되는 환경에서 직원들이 역량을 발휘하고 우리 고객을 위한 더 좋은 제품을 개발할 수 있다고 믿습니다. 따라서 입사에 관심 있는 사람이 있다면 포지션별 주요 업무와 자격을 확인하고 본인이 보유한 기술과 능력에 부합하는 모든 포지션에 적극적으로 지원하기를 장려합니다. 지원자는 채용 과정에서 역할 관련 평가(해당하는 경우) 및/또는 채용 전 스크리닝을 통과해야 합니다.  자세한 정보는 GM 채용 과정 안내를 참고하십시오.

공평한 취업 기회 선언 (미국)

General Motors는 공평한 기회를 제공하는 고용주임을 자부합니다.  자격을 만족하는 지원자는 인종과 피부색, 성별, 성적 지향, 성별 정체성, 국적, 장애, 재향 군인 보호법 적용 여부와 상관없이 채용 후보로서 심사를 받습니다. 

숙소 (미국 및 캐나다)

General Motors는 장애인을 포함한 모든 구직자들에게 취업 기회를 제공합니다. 구직이나 취업 지원에 도움이 되는 합리적인 숙소가 필요한 경우 Careers.Accommodations@GM.com으로 이메일을 보내시거나 800-865-7580으로 전화주십시오. 이메일에, 귀하가 요청하는 특정한 숙소에 대한 설명과 귀하가 지원하는 직무와 채용 요청서 번호를 포함해주세요.