[Skip To Content]

Manager - Connected Vehicle Cybersecurity

  • 위치
    • Milford, Michigan
    • Warren, Michigan
  • 직무 유형 Full time
  • 게시됨
  • Job Requisition JR-202603766

설명

The Role

GM’s  Product Cybersecurity Team  safeguards the security and integrity of our vehicle platforms, embedded systems, and connected services across the entire product lifecycle. Our mission is to proactively defend GM products against evolving cyber threats by engineering cybersecurity into every phase — from concept and architecture through development, validation, production, and in-field operation. We seek product cybersecurity professionals with advanced expertise in secure system design, embedded and automotive security, and risk-based threat analysis, capable of driving security-by-design principles, ensuring compliance with global regulations and standards, and strengthening the resilience of GM’s vehicles and mobility ecosystems.

The Connected Vehicle Cybersecurity Manager leads the engineering team responsible for securing the end-to-end connected vehicle ecosystem – spanning in-vehicle connectivity platforms, telecom interfaces, backend services, certificate lifecycle management (CLM), and mobile integrations.

This role defines and drives the security vision, architecture, and execution strategy for connected ECUs and services. The manager ensures secure design, implementation, and operations across vehicle, cloud, and mobile domains, while maintaining compliance with global automotive cybersecurity regulations and internal standards.

This is a high-impact leadership position interfacing with vehicle engineering, cloud platforms, telecom providers, enterprise security, and product leadership.

What You'll Do:

Leadership & Organization

  • Lead, grow, and mentor the Connected Vehicle Security engineering team.
  • Drive hiring strategy, capability development, and performance management.
  • Build deep technical expertise in embedded, telecom, and cloud security within the team.
  • Foster a security-by-design culture across vehicle programs.

Security Architecture & Strategy

  • Define and maintain security architecture for:
    • Connected ECUs (telematics control units, infotainment systems, connectivity SoCs)
    • ADAS systems, CLM design
    • Vehicle-to-cloud communications
    • Backend services communicating with vehicles including CLM, IAM, APIs, and OTA
  • Establish and maintain security requirements aligned to:
    • ISO/SAE 21434
    • UNECE WP.29 R155 / UNECE WP.29 R156
  • Own threat modeling (TARA) and risk treatment decisions for connected systems.
  • Define cryptographic architecture (PKI, key hierarchy, provisioning, rotation, revocation).

Secure Design & Control Implementation

Oversee the design and deployment of security controls including:

  • Secure boot & hardware root of trust (HSM / TPM-based).
  • Firmware signing & OTA protection.
  • OS hardening (Linux/QNX/Android-based IVI platforms).
  • TLS/mTLS implementation for vehicle-to-cloud communication.
  • Token-based authentication & OAuth flows.
  • Certificate Lifecycle Management (development, provisioning, renewal, revocation, backend trust anchors, etc.)
  • Secure API gateways and backend authentication services.
  • Secure telecom integration (eSIM, 4G/5G, V2X security).

Program Governance & Lifecycle Security

  • Govern cybersecurity engagement across connected vehicle programs:
    • Security intake
    • Architecture reviews
    • Design assessments
    • Penetration testing reviews
    • Security sign-off gates
  • Track and manage:
    • Cybersecurity risks
    • Deviations and compensating controls
    • Open vulnerabilities
  • Ensure traceability from cybersecurity requirements to validation artifacts.
  • Support CSMS evidence generation and audit readiness.

Incident Response & Vulnerability Management

  • Provide leadership oversight for vulnerability management across:
    • In-vehicle connectivity stacks
    • Mobile integrations
  • Coordinate incident response with enterprise security teams.
  • Define connected vehicle patching and remediation strategy.
  • Support external researcher engagement and responsible disclosure handling.

Stakeholder & Executive Communication

  • Communicate security strategy, trade-offs, and risk posture to senior leadership.
  • Translate technical risk into business impact.
  • Provide security health metrics for connected platforms.
  • Represent Connected Vehicle Security in executive and regulatory reviews.

Your Skills & Abilities (Required Qualifications)

  • Bachelor’s degree in Computer Science, Electrical Engineering, Cybersecurity, or related field.
  • 8+ years in automotive cybersecurity, embedded security, telecom security, or cloud security.
  • Demonstrated hands-on experience with:
    • Connected ECUs ( TCU, IVI, connectivity modules )
    • PKI / certificate management systems
    • Secure communication protocols ( TLS, IPsec, DoIP, CAN security )
  • Proven people leadership experience (team lead, engineering manager, or equivalent).

What Will Give You a Competitive Edge (Preferred Qualifications)

  • Experience implementing ISO/SAE 21434 -compliant development processes.
  • Familiarity with UNECE R155/R156 regulatory expectations.
  • Experience with:
    • HSM -based key storage
    • Secure provisioning at manufacturing
    • OTA security architecture
    • Telecom security ( eSIM , carrier integration)
    • Cloud-native security controls (IAM, zero trust, API security )
  • Strong understanding of threat modeling ( TARA ), penetration testing, and red-team findings in automotive.
  • Experience working in a global OEM or Tier-1 environment.

GM does not provide immigration-related sponsorship for this role. Do not apply for this role if you will need GM immigration sponsorship now or in the future. This includes direct company sponsorship, entry of GM as the immigration employer of record on a government form, and any work authorization requiring a written submission or other immigration support from the company (e.g., H1-B, OPT, STEM OPT, CPT, TN, J-1, etc.)

이 직무는 하이브리드 직무로 분류됩니다. 즉, 선발된 지원자는 특정 근무지로 주 3일 이상(또는 관리자가 지정한 다른 빈도로) 특정 근무지로 출근해야 합니다.

이 직무는 리로케이션 혜택을 받을 수 있습니다.

다양성 정보

General Motors는 법적으로 금지된 차별을 배제하는 것은 물론 포용성과 소속감을 진정으로 장려하는 직장이 되기 위해 노력하고 있습니다. 당사는 다양성이 보장되는 환경에서 직원들이 역량을 발휘하고 우리 고객을 위한 더 좋은 제품을 개발할 수 있다고 믿습니다. 따라서 입사에 관심 있는 사람이 있다면 포지션별 주요 업무와 자격을 확인하고 본인이 보유한 기술과 능력에 부합하는 모든 포지션에 적극적으로 지원하기를 장려합니다. 지원자는 채용 과정에서 역할 관련 평가(해당하는 경우) 및/또는 채용 전 스크리닝을 통과해야 합니다.  자세한 정보는 GM 채용 과정 안내를 참고하십시오.

공평한 취업 기회 선언 (미국)

General Motors는 공평한 기회를 제공하는 고용주임을 자부합니다.  자격을 만족하는 지원자는 인종과 피부색, 성별, 성적 지향, 성별 정체성, 국적, 장애, 재향 군인 보호법 적용 여부와 상관없이 채용 후보로서 심사를 받습니다. 

숙소 (미국 및 캐나다)

General Motors는 장애인을 포함한 모든 구직자들에게 취업 기회를 제공합니다. 구직이나 취업 지원에 도움이 되는 합리적인 숙소가 필요한 경우 [email protected]으로 이메일을 보내시거나 800-865-7580으로 전화주십시오. 이메일에, 귀하가 요청하는 특정한 숙소에 대한 설명과 귀하가 지원하는 직무와 채용 요청서 번호를 포함해주세요.