Cyber Threat and Risk Assessment Compliance Lead

Description
Hybrid:
This role is categorized as hybrid. This means the successful candidate is expected to report to Warren, MI three times per week, at minimum [or other frequency dictated by the business].
Relocation:
This job is not eligible for relocation benefits. Any relocation costs would be the responsibility of the selected candidate.
The Cyber Security TARA Compliance Lead is responsible for ensuring the quality and consistency of automotive cyber threat models and security control-to-validation test traceability to support cyber security type approval certifications.
Key Responsibilities:

• TARA governance: Conduct comprehensive attack path-based threat models for automotive systems per ISO/SAE 21434 requirements when required. Establish TARA practices, including security engineer TARA onboarding, periodic training, and cyber security type approval support.
• Standards Shaping: Actively participate in standards body cyber security technical committees (e.g., SAE and GRVA) and contribute to the development and evolution of standards that impact cyber security type approval requirements. Provide expert insights and recommendations that represent GM's position.
• Cross-functional Collaboration: Matrix across multiple GM engineering teams to ensure the integration of cybersecurity measures into all aspects of automotive system development.
• Traceability: Maintain and enforce processes fundamental to document traceability from TARA to requirements management to deviations to validation tests.
• Reporting and Documentation: Prepare, collate, and archive TARA reports. Document all processes and actions taken in compliance with ISO/SAE 21434 for audit and record-keeping purposes.

Additional Description
Required Qualifications

• Automotive Cybersecurity: Minimum 3-5 years of hands-on experience with ISO/SAE 21434 threat modeling and risk analysis for automotive systems
• Standards Knowledge: Demonstrated familiarity with UN R155, ISO/SAE 21434, and regulatory approval workflows
• Traceability & Process Control: Proven ability to manage TARA traceability across requirements, deviations, and validation test plans
• Documentation & Reporting: Experience producing audit-ready reports aligned to compliance frameworks and lifecycle governance
• Cross-functional Collaboration: Strong ability to matrix across multiple engineering domains (electrical, software, validation) to implement cybersecurity controls

Desired Qualifications

• Standards Body Participation: Prior contribution to standards committees (e.g., SAE G-32, WP.29 GRVA) or regulatory working groups
• TARA Governance Frameworks: Experience onboarding cybersecurity engineers into TARA processes and conducting periodic threat modeling training
• Strategic Influence: Ability to shape internal cybersecurity policy based on external regulatory trends or Type Approval changes
• Tool Expertise: Familiarity with modeling platforms like itemis SECURE, VULTARA, Yocto TARA Builder, and process management systems (e.g., Stages)
• Education: Master's in cybersecurity, systems engineering, or a closely related field preferred

GM DOES NOT PROVIDE IMMIGRATION-RELATED SPONSORSHIP FOR THIS ROLE. DO NOT APPLY OR THIS ROLE IF YOU WILL NEED GM IMMIGRATION SPONSORSHIP NOW OR IN THE FUTURE. THIS INCLUDES DIRECT COMPANY SPONSORSHIP, ENTRY OF GM AS THE IMMIGRATION EMPLOYER OF RECORD ON A GOVERNMENT FORM, AND ANY WORK AUTHORIZATION REQUIRING A WRITTEN SUBMISSION OR OTHER IMMIGRATION SUPPORT FROM THE COMPANY (e.g., H-1B, OPT, STEM OPT, CPT, TN, J-1, etc.)
About GM
Our vision is a world with Zero Crashes, Zero Emissions and Zero Congestion and we embrace the responsibility to lead the change that will make our world better, safer and more equitable for all.
Why Join Us
We believe we all must make a choice every day - individually and collectively - to drive meaningful change through our words, our deeds and our culture. Every day, we want every employee to feel they belong to one General Motors team.
Total Rewards | Benefits Overview
From day one, we're looking out for your well-being-at work and at home-so you can focus on realizing your ambitions. Learn how GM supports a rewarding career that rewards you personally by visiting Total Rewards resources.
Non-Discrimination and Equal Employment Opportunities (U.S.)
General Motors is committed to being a workplace that is not only free of unlawful discrimination, but one that genuinely fosters inclusion and belonging. We strongly believe that providing an inclusive workplace creates an environment in which our employees can thrive and develop better products for our customers.
All employment decisions are made on a non-discriminatory basis without regard to sex, race, color, national origin, citizenship status, religion, age, disability, pregnancy or maternity status, sexual orientation, gender identity, status as a veteran or protected veteran, or any other similarly protected status in accordance with federal, state and local laws.
We encourage interested candidates to review the key responsibilities and qualifications for each role and apply for any positions that match their skills and capabilities. Applicants in the recruitment process may be required, where applicable, to successfully complete a role-related assessment(s) and/or a pre-employment screening prior to beginning employment. To learn more, visit How we Hire.
Accommodations
General Motors offers opportunities to all job seekers including individuals with disabilities. If you need a reasonable accommodation to assist with your job search or application for employment, email us [email protected] or call us at 800-865-7580. In your email, please include a description of the specific accommodation you are requesting as well as the job title and requisition number of the position for which you are applying.