MFG IT Cyber Security Solutions Architect

About GM

There's never been a more exciting time to work for General Motors.

To achieve our vision of a world with Zero Crashes, Zero Emissions and Zero Congestion, we need people to join us who are passionate about creating safer, better and more sustainable ways for people to get around. This bold vision won't happen overnight, but just as we transformed how the world moved in the last century, we are committed to transforming how we move today and in the future.

Why Work for Us

Our culture is focused on building inclusive teams, where differences and unique perspectives are embraced so you can contribute to your fullest potential as you pursue your career. Our locations feature a variety of work environments, including open work spaces and virtual connection platforms to inspire productivity and flexible collaboration. And we are proud to support our employees volunteer interests, and make it a priority to join together in efforts that give back to our communities.

Job Description

In recent years, GM Information Technology has successfully executed the largest IT transformation in the history of the automotive industry, fully insourcing what once was a nearly completely outsourced IT function. Today GM IT is a dynamic and fast paced organization that designs, develops and maintains all IT infrastructure, applications and solutions enabling GM's global operations. From designing and building the next generation of electric and other vehicles to developing a world-class GM experience for our dealers and customers, GM IT is driving real change in the most iconic automaker on the planet. Our team delivers unique enterprise-wide IT solutions in cutting-edge technologies such as mobility, telematics, mission-critical business systems, supercomputing, cloud, vehicle engineering and real-time computing. We offer challenging positions for passionate professionals looking to advance their careers and be a part of an IT organization focused on innovation, speed and business value.

The Senior Security Specialist is a technical leadership position which requires leading the definition and implementation of GM Cyber Security technology direction, standards or technology roadmaps across GM business units or cross functional IT organizations within multiple security domains - this assignment requires originality, ingenuity, and a wider application of principles, theories, and concepts

Addresses the broadest and most complex problems of multiple security disciplines within the organization. Designs and develops security solutions to considerably complex problems. Exhibits managerial courage and contributes to strategy and policy development and / or develops guidelines and implementation procedures for new strategies and policies. May provide strategic direction, guidance and integration of security products and services within organization. Interacts with senior leaders, business partners, and / or vendors. Has considerable latitude for unreviewed action or decision. Works with independence and under minimal direction. May provide direction to matrixed or leveraged resources. Expert demonstrating proficiency in a wide range of information security technologies and platforms which may include: expert high level analytical ability where problems are typically unusual and difficult; ability to gather and interpret complex quantitative or qualitative data; extensive expertise of leading-edge or complex security technologies, relevant disciplines, theories, or techniques; broad and deep intellectual understanding of the security function and GM Business. Decisions are typically based on extensive functional and technical acumen and experience - results achieved enhance the intellectual capital of the organization and affects its overall capability. Provides guidance, coaching and/or training to others as appropriate. Holds themselves and others accountable for demonstrating GMs values and cultural behaviors. Models GM behaviors and creates a winning culture. Performs other related duties as assigned.

Expert demonstrating proficiency in a wide range of information security technologies and platforms which may include: Expert high level analytical ability where problems are typically unusual and difficult - ability to gather and interpret complex quantitative or qualitative data. Extensive expertise of leading-edge or complex security technologies, relevant disciplines, theories, or techniques. Broad and deep intellectual understanding of the security function and GM Business. Decisions are typically based on extensive functional and technical acumen and experience - results achieved enhance the intellectual capital of the organization and affects its overall capability.

Additional Job Description

The main function of a Cybersecurity engineer is to ensure that the data assets of an organization are supported by an architecture that drives the organization in achieving its strategic goal. A typical cyber security engineer is responsible for setting enterprise standards for databases, data integration, and the means to get to the data.

An ideal candidate for this position would be expected to provide technical advice and leadership in the realm of cyber security and have comprehensive knowledge of several areas of specialization within the cyber security discipline and industrial control systems architecture. Candidates in this position are directly responsible for providing technical leadership for engineering design, build, configuration, and testing of security systems and industrial control networks.

• Contribute to project team efforts as the architecture/cyber security engineer for manufacturing plants
• Conduct moderately complex network architecture & cyber security analysis, product configuration, integration testing and troubleshoot difficult problems
• For multiple ongoing projects, provide system specification documentation deliverables to address cybersecurity vulnerabilities and the security controls necessary to mitigate the vulnerabilities to an acceptable level of risk.
• Author technical documentation including product configuration/implementation guides, requirements traceability, test plans, test procedures, test reports, and user administration guides
• Participate in information sharing with internal and external customers including the delivery of presentation material, technical training, and knowledge transfer
• Identify and assist in the development of new business opportunities including input to project proposals and associated technical descriptions when bidding on new projects
• Perform cyber security program policy and procedure development
• Perform system administration, network configuration, and virtual environment management
• Participate in control systems master planning efforts focused on system security including application of host-based security products from a centralized server and secure (hardened) configuration of system components
• Application of network security including firewalls, data diodes, security information & event management, network intrusion detection
• The individual will be full time embedded on the team and will champion Secure by Design fundamental principles that will, starting from initial design and continuing through deployment, result in systems that are less prone to cybersecurity vulnerabilities, lower risk to the business, and reduced spend and business interruptions associated to rework of insecure code.
• Security consulting through software/application security lifecycle (vulnerability identification through remediation) embedding necessary security controls, gates, artifacts into the existing processes
• Assist in building in of security and governance into their development processes.
• Liaison between Manufacturing development teams and the Cybersecurity organization to communicate, embed, and demonstrate compliance to Cybersecurity requirements.
• Approve, schedule, plan and supervise the installation and testing of new products and improvements to computer systems.
• Implement security measures to safeguard information in computer files against accidental or unauthorized damage, modification or disclosure.
• Develop standards and guidelines to guide the use and acquisition of software and to protect vulnerable information.
• Review and assessment of architectural artifacts (e.g. architecture diagrams) for compliance to security policy and identification of risks and potential areas of improvement
• Collaborate with peer Cybersecurity professional in the assessment of IT solution for security posture
• Liaison between Client Cybersecurity organization and the rest of Client to communicate, embed, and demonstrate compliance to Cybersecurity requirements
• The individual will assist in the creation, review, and approval of solution architectural documentation that graphically depicts all components used by the application along with all connections and data flows down to the port/protocol level.
• 10+ years experience in Cybersecurity and Manufacturing

Benefits Overview

The goal of the General Motors total rewards program is to support the health and well-being of you and your family. Our comprehensive compensation plan incudes, the following benefits, in addition to many others:
Paid time off including vacation days, holidays, and parental leave for mothers, fathers and adoptive parents;
Healthcare (including a triple tax advantaged health savings account and wellness incentive), dental, vision and life insurance plans to cover you and your family;
Company and matching contributions to 401K savings plan to help you save for retirement;
Global recognition program for peers and leaders to recognize and be recognized for results and behaviors that reflect our company values;
Tuition assistance and student loan refinancing;
Discount on GM vehicles for you, your family and friends.

Diversity Information

General Motors is committed to being a workplace that is not only free of discrimination, but one that genuinely fosters inclusion and belonging. We strongly believe that workforce diversity creates an environment in which our employees can thrive and develop better products for our customers. We understand and embrace the variety through which people gain experiences whether through professional, personal, educational, or volunteer opportunities.GM is proud to be an equal opportunity employer.

We encourage interested candidates to review the key responsibilities and qualifications and apply for any positions that match your skills and capabilities.