[Skip To Content]

Ecosystem Cybersecurity Architect

  • [Location]
    • Austin, Texas
    • Warren, Michigan
  • 日程 Full time
  • 发表

描述

Work Arrangement

This role is categorized as hybrid. This means the successful candidate is expected to report to GM Global Technical Center in Warren, Michigan three times per week, at minimum.

The Role

The Ecosystem Cybersecurity Architect brings together complex and converging across General Motors and third-party ecosystems to secure technologies. Through a holistic view of cybersecurity of customer-facing products and services to surface interconnected risks, illuminate digital dependencies, and define roles and responsibilities. Through broad cross-functional ability to execute global cybersecurity strategy by fostering collaboration, increasing awareness, and enhancing engagement.

Together our partners and Cybersecurity Risk Management team seek opportunities to assess tasks, plan, and execute on time. Our role is pivotal in the enterprise practices around cybersecurity with exposure to senior leaders around the organization. Driving the corporate and industry facing GM Cybersecurity strategy and leadership to encompass our customers, products, and assets.

What You’ll Do (Responsibilities)

Analyze & Align

  • Execute the end-to-end evaluation of products, services, and solutions that align with business and customer needs

  • Pioneer the assessment and understanding of risks, threats, and exploits at an ecosystem level to enable risk-informed decisions

  • Examine new and existing product, systems, and interfaces to decide the efficacy of cybersecurity programs

  • Drive ecosystem threat modeling, risk assessment, and penetration testing and advise on proper mitigations

  • Understand where data interdependencies live across the ecosystem

Lead & Enrich

  • Spearhead GM’s cybersecurity center of excellence and devise a holistic cybersecurity strategy

  • Develop an ecosystem methodology that considers customer needs, business advancements, and external requirements

  • Enable sustainable GM Value Streams, to promote secure practices and advocate for a cybersecurity-by-design culture

  • Broaden cybersecurity risk management and advise business, technology, and cybersecurity stakeholders and executive leadership

Govern & Guide

  • Research emerging technologies and methodologies to increase GM’s ability to mitigate unconventional threat vectors

  • Engage with third-parties, partners, and industry to evolve domain-focused security solutions

  • Monitor changes in technology, the industry, and regulatory landscapes to keep GM Cybersecurity aware of emerging threats and risks

  • Establish ecosystem cybersecurity metrics and define Key Performance Indicators, standards, processes, and procedures

Develop & Coach

  • Guidelines, standards, patterns, cybersecurity principles, findings and lessons learned

  • Product/Service-focused ecosystem architecture models (relational, interaction diagrams) including

  • End-to-end information flow

  • Risks, attack paths, and mitigations

  • Privacy, standards, and regulatory compliance

  • Skills, capabilities, and technologies

  • Ecosystem security models and roadmaps

  • Inventories, asset registers, ownership, roles and responsibilities

[Additional Description]

Your Skills & Abilities (Required Qualifications)

  • Bachelor’s Degree or equivalent work experience (10 years+) in cybersecurity with a focus on security architecture, identity & access management and solutions architecture in large, complex technical environments

Technical Experience

  • Demonstrable experience designing or managing a corporate cybersecurity and compliance program(s)

  • Experience with on-premises, hosted, and cloud services supporting products and services requiring a converged approach

  • Extensive knowledge in security principles, such as encryption/key management, network design, access control and incident containment

  • Familiar with information, embedded, and operational technology disciplines, intersections, and security solutions

  • Thorough understanding of security principles, such as encryption/key management, network design, access control and incident containment

  • Knowledge of the regulatory landscape and intricacies related to industry cybersecurity standards and best practices ( examples include: NIST CSF, SSDF, NIST 800-53, ISO 270001/2, ISO/IEC 15.x.x, NHTSA Best Practices, ISO/SAE 21434, SOC2, etc ) and state privacy laws

  • Industry certifications, such as Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), GIAC Security Essentials (GSEC), Certified Information Security Manager (CISM), or other.

  • Experience with policy/standard creation and acceptance

Interpersonal Experience

  • Excellent communication and collaboration skills, including the ability to lead without authority, resolve cross-team issues, effectively communicate changes, and interact with team members at all levels from the end-user to senior leadership

  • Exhibit creative and analytical thinking to evaluate situations objectively, work independently with minimum direction in a fast-paced environment, and collaborate effectively

  • Superb communicator to serve as primary liaison between business and technical teams

  • A growth mindset and willingness to learn and continuously improve

  • Thorough understanding of risk management principles and processes

  • Capable of decisions and recommendations while considering tradeoffs between conflicting objectives

  • Business acumen and management skills; personable, approachable, empathetic; proved managerial courage

  • Exhibit leadership in cross-functional teams to develop, implement, and test cross-domain solutions

  • Strong teamwork, project management, and team-building skills and the potential to direct teams and push projects across various departments

What Will Give You a Competitive Edge (Preferred Qualifications)

  • Experience in more than one domain of cybersecurity (IT, Manufacturing, Product)

  • Proficient in architecture frameworks (TOGAF, Zachman)

  • 15 years of overall automotive or technology experience

  • Strong knowledge and experience of on-premises, hosted, and cloud security; industry cybersecurity standards and best practices listed above

This position requires the ability to legally operate a motor vehicle on a regular basis and successfully complete a Motor Vehicle Report review.

GM DOES NOT PROVIDE IMMIGRATION-RELATED SPONSORSHIP FOR THIS ROLE. DO NOT APPLY FOR THIS ROLE IF YOU WILL NEED GM IMMIGRATION SPONSORSHIP (e.g., H-1B, TN, STEM OPT, etc) NOW OR IN THE FUTURE.

Renseignements sur la diversité

General Motors est résolue à être un lieu de travail qui est non seulement exempt de discrimination illégale, mais aussi un endroit qui favorise véritablement l'inclusion et l'appartenance. Nous sommes convaincus que la diversité de la main-d'œuvre permet de créer un environnement dans lequel nos employés peuvent s'épanouir et développer de meilleurs produits pour nos clients. Nous encourageons les candidats intéressés à consulter les principales responsabilités et compétences requises pour chaque rôle et à postuler à tout poste qui leur correspond. Dans le cadre du processus de recrutement, les candidats peuvent devoir, le cas échéant, réussir une évaluation liée au poste ou une présélection d'emploi avant d'être embauchés.  Pour en savoir plus, consultez notre processus de recrutement.

Déclaration concernant l'égalité d'accès à l'emploi (É.-U.)

General Motors est fière d'être un employeur souscrivant au principe de l'égalité d'accès à l'emploi.  Tous les candidats qualifiés seront pris en compte, sans égard à la race, à la couleur, à la religion, au sexe, à l'orientation sexuelle, à l'identité de genre, à l'origine ethnique, aux situations de handicap ou au statut protégé d'ancien combattant. 

Aménagements (É.-U. et Canada)

General Motors offre des occasions à tous les chercheurs d'emploi, y compris les personnes handicapées. Si vous avez besoin d'un accommodement raisonnable pour vous aider dans votre recherche d'emploi ou la soumission de votre candidature, envoyez-nous un courriel à l'adresse Careers.Accommodations@GM.com ou appelez-nous au 800 865-7580. Veuillez inclure dans votre courriel une description spécifique du type d'accommodement demandé, ainsi que le titre d'emploi et le numéro de demande du poste auquel vous postulez.