Ecosystem Cybersecurity Architect
Description
Work Arrangement
This role is categorized as hybrid. This means the successful candidate is expected to report to GM Global Technical Center in Warren, Michigan three times per week, at minimum.
The Role
The Ecosystem Cybersecurity Architect brings together complex and converging across General Motors and third-party ecosystems to secure technologies. Through a holistic view of cybersecurity of customer-facing products and services to surface interconnected risks, illuminate digital dependencies, and define roles and responsibilities. Through broad cross-functional ability to execute global cybersecurity strategy by fostering collaboration, increasing awareness, and enhancing engagement.
Together our partners and Cybersecurity Risk Management team seek opportunities to assess tasks, plan, and execute on time. Our role is pivotal in the enterprise practices around cybersecurity with exposure to senior leaders around the organization. Driving the corporate and industry facing GM Cybersecurity strategy and leadership to encompass our customers, products, and assets.
What You'll Do (Responsibilities)
Analyze & Align
- Execute the end-to-end evaluation of products, services, and solutions that align with business and customer needs
- Pioneer the assessment and understanding of risks, threats, and exploits at an ecosystem level to enable risk-informed decisions
- Examine new and existing product, systems, and interfaces to decide the efficacy of cybersecurity programs
- Drive ecosystem threat modeling, risk assessment, and penetration testing and advise on proper mitigations
- Understand where data interdependencies live across the ecosystem
Lead & Enrich
- Spearhead GM's cybersecurity center of excellence and devise a holistic cybersecurity strategy
- Develop an ecosystem methodology that considers customer needs, business advancements, and external requirements
- Enable sustainable GM Value Streams, to promote secure practices and advocate for a cybersecurity-by-design culture
- Broaden cybersecurity risk management and advise business, technology, and cybersecurity stakeholders and executive leadership
Govern & Guide
- Research emerging technologies and methodologies to increase GM's ability to mitigate unconventional threat vectors
- Engage with third-parties, partners, and industry to evolve domain-focused security solutions
- Monitor changes in technology, the industry, and regulatory landscapes to keep GM Cybersecurity aware of emerging threats and risks
- Establish ecosystem cybersecurity metrics and define Key Performance Indicators, standards, processes, and procedures
Develop & Coach
- Guidelines, standards, patterns, cybersecurity principles, findings and lessons learned
- Product/Service-focused ecosystem architecture models (relational, interaction diagrams) including
- End-to-end information flow
- Risks, attack paths, and mitigations
- Privacy, standards, and regulatory compliance
- Skills, capabilities, and technologies
- Ecosystem security models and roadmaps
- Inventories, asset registers, ownership, roles and responsibilities
Additional Description
Your Skills & Abilities (Required Qualifications)
- Bachelor's Degree or equivalent work experience (10 years+) in cybersecurity with a focus on security architecture, identity & access management and solutions architecture in large, complex technical environments
Technical Experience
- Demonstrable experience designing or managing a corporate cybersecurity and compliance program(s)
- Experience with on-premises, hosted, and cloud services supporting products and services requiring a converged approach
- Extensive knowledge in security principles, such as encryption/key management, network design, access control and incident containment
- Familiar with information, embedded, and operational technology disciplines, intersections, and security solutions
- Thorough understanding of security principles, such as encryption/key management, network design, access control and incident containment
- Knowledge of the regulatory landscape and intricacies related to industry cybersecurity standards and best practices ( examples include: NIST CSF, SSDF, NIST 800-53, ISO 270001/2, ISO/IEC 15.x.x, NHTSA Best Practices, ISO/SAE 21434, SOC2, etc ) and state privacy laws
- Industry certifications, such as Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), GIAC Security Essentials (GSEC), Certified Information Security Manager (CISM), or other.
- Experience with policy/standard creation and acceptance
Interpersonal Experience
- Excellent communication and collaboration skills, including the ability to lead without authority, resolve cross-team issues, effectively communicate changes, and interact with team members at all levels from the end-user to senior leadership
- Exhibit creative and analytical thinking to evaluate situations objectively, work independently with minimum direction in a fast-paced environment, and collaborate effectively
- Superb communicator to serve as primary liaison between business and technical teams
- A growth mindset and willingness to learn and continuously improve
- Thorough understanding of risk management principles and processes
- Capable of decisions and recommendations while considering tradeoffs between conflicting objectives
- Business acumen and management skills; personable, approachable, empathetic; proved managerial courage
- Exhibit leadership in cross-functional teams to develop, implement, and test cross-domain solutions
- Strong teamwork, project management, and team-building skills and the potential to direct teams and push projects across various departments
What Will Give You a Competitive Edge (Preferred Qualifications)
- Experience in more than one domain of cybersecurity (IT, Manufacturing, Product)
- Proficient in architecture frameworks (TOGAF, Zachman)
- 15 years of overall automotive or technology experience
- Strong knowledge and experience of on-premises, hosted, and cloud security; industry cybersecurity standards and best practices listed above
This position requires the ability to legally operate a motor vehicle on a regular basis and successfully complete a Motor Vehicle Report review.
GM DOES NOT PROVIDE IMMIGRATION-RELATED SPONSORSHIP FOR THIS ROLE. DO NOT APPLY FOR THIS ROLE IF YOU WILL NEED GM IMMIGRATION SPONSORSHIP (e.g., H-1B, TN, STEM OPT, etc) NOW OR IN THE FUTURE.
About GM
Our vision is a world with Zero Crashes, Zero Emissions and Zero Congestion and we embrace the responsibility to lead the change that will make our world better, safer and more equitable for all.
Why Join Us
We aspire to be the most inclusive company in the world. We believe we all must make a choice every day - individually and collectively - to drive meaningful change through our words, our deeds and our culture. Every day, we want every employee, no matter their background, ethnicity, preferences, or location, to feel they belong to one General Motors team.
Total Rewards | Benefits Overview
From day one, we're looking out for your well-being-at work and at home-so you can focus on realizing your ambitions. Learn how GM supports a rewarding career that rewards you personally by visiting Total Rewards resources.
Diversity Information
General Motors is committed to being a workplace that is not only free of unlawful discrimination, but one that genuinely fosters inclusion and belonging. We strongly believe that workforce diversity creates an environment in which our employees can thrive and develop better products for our customers. We encourage interested candidates to review the key responsibilities and qualifications for each role and apply for any positions that match their skills and capabilities. Applicants in the recruitment process may be required, where applicable, to successfully complete a role-related assessment(s) and/or a pre-employment screening prior to beginning employment. To learn more, visit How we Hire
Equal Employment Opportunity Statement (U.S.)
General Motors is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Accommodations (U.S. and Canada)
General Motors offers opportunities to all job seekers including individuals with disabilities. If you need a reasonable accommodation to assist with your job search or application for employment, email us [email protected] or call us at 800-865-7580. In your email, please include a description of the specific accommodation you are requesting as well as the job title and requisition number of the position for which you are applying.