About the position
Genuine Parts Company is seeking world-class talent to join the world's leading distributor of automotive and industrial replacement parts and value-added services. This role will function as the leader of a newly formed team, focusing on building security awareness, standards, controls, and compliance in the treasury and payments line of business across the globe. The Lead Engineer - Global Application Security will work with in-depth knowledge of both strategies and acceptable risk tolerances across a broad scope of applications. Close collaboration and alignment with business teams, application development teams, and security operations will be required. Strong technical knowledge, security expertise, and exceptional abilities in building and maintaining working relationships and organizational savvy are essential. High-level communication and presentation skills are required.
Responsibilities
- Report to the Global Manager of Application Security with responsibility for implementing AppSec technology security strategy.
- Maintain knowledge of Company systems, applications, and security process and services.
- Develop findings based on application security principles, deliver findings to application teams, and assist in remediation.
- Threat model applications and advocate for controls that protect the business against financial loss occurring from application exploits, data exposure, fraud, & social engineering.
- Provide escalation path for security inquiries, issues, and incidents across the scope of applications.
- Review specification documents of functional and non-functional requirements for new features, functionalities, and enhancements in application technology space.
- Drive the execution of applications security roadmap by effectively documenting and communicating requirements to all stakeholders at the appropriate level and cadence.
- Analyze and determine the impact of new issues, functionality, and technology to existing business and system security processes and recommend adjustments needed to align with changing trends, behaviors, or performance.
- Effectively, consistently, and proactively communicate security issue status, and related information to cross-functional teams and at all levels.
- Conduct research on industry trends and maintain knowledge of competitive landscape and digital innovations.
- Develop subject matter expertise of GPC's brands, product lines, customers, and industries.
- Other duties as assigned.
Requirements
- Degree in Computer Science, Engineering field, or equivalent experience
- 5+ years' experience in Application Development & Security roles including experience in vulnerability management, process implementation, and business collaboration.
- Demonstrated experience with application security penetration testing and toolsets.
- Demonstrated experience software threat modeling & application architecture review.
- Excellent oral and written communication with ability to explain common application vulnerabilities and remediation paths.
- Analytical and problem-solving skills commensurate with a senior experience level.
Benefits
- Flexible Work Policy that permits eligible employees to work a hybrid remote schedule.
