Product Cybersecurity Vulnerability Analyst

General Motors - Austin, TX

posted 9 days ago

Full-time - Mid Level
Austin, TX
Transportation Equipment Manufacturing

About the position

The Product Cybersecurity Vulnerability Analyst at General Motors plays a crucial role in safeguarding the cybersecurity posture of GM's products and systems. This position involves creating and maintaining security policies, ensuring compliance, and fostering a culture of security awareness across various software development teams. The analyst will also provide remediation guidance, collaborate on vulnerability compliance requirements, and stay updated on the latest security threats in the automotive industry.

Responsibilities

  • Utilize GitHub Advanced Security and/or FOSSA to establish and enforce risk-based security policies.
  • Socialize security policies across different in-vehicle software development teams, fostering a culture of security awareness and accountability.
  • Provide remediation guidance and support to in-vehicle, mobile, and connected service software development teams.
  • Collaborate with cybersecurity specification owners to update and/or create vulnerability compliance requirements.
  • Develop commensurate process and training materials.
  • Stay abreast of the latest security threats, vulnerabilities, and attack techniques specific to the automotive industry.
  • Track the accurate creation and ingestion of security-related SBOMs from internal teams and suppliers.
  • Coordinate with preferred software composition analysis tooling vendor staff to integrate advanced security scanning features into Product Cybersecurity's vulnerability management program.
  • Participate in any supply chain security-related activities, as appropriate.

Requirements

  • Bachelor's degree in Computer Science, Cybersecurity, Software Engineering, or a related field.
  • 5+ years of relevant experience.
  • Minimum of 3+ years of post-graduation professional workplace Vulnerability Analyst experience.
  • Proven experience in developing and implementing security policies within software development environments.
  • Ability to learn and retain new skills to meet the demands of a rapidly changing technical environment.
  • Excellent collaboration and communication skills to work effectively with cross-functional teams.
  • High level of autonomy and ability to work independently, taking ownership of security initiatives.
  • Strong analytical mindset and problem-solving abilities to identify and address complex challenges.

Nice-to-haves

  • Interest in the automotive industry with a passion for leveraging technology to enhance vehicle security and safety.
  • Strong knowledge of GitHub Advanced Security and/or FOSSA for policy enforcement and vulnerability management.
  • Direct experience in a Security Operations Center or PSIRT.
  • Deep experience with CVEs, CWEs, CPEs, EPSS, MITRE ATT&CK, FIRST and related industry initiatives.
  • Dev SecOps experience.

Benefits

  • Paid time off including vacation days, holidays, and parental leave for mothers, fathers and adoptive parents.
  • Healthcare (including a triple tax advantaged health savings account and wellness incentive), dental, vision and life insurance plans to cover you and your family.
  • Company and matching contributions to 401K savings plan to help you save for retirement.
  • Global recognition program for peers and leaders to recognize and be recognized for results and behaviors that reflect our company values.
  • Tuition assistance and student loan refinancing.
  • Discount on GM vehicles for you, your family and friends.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service