Product Cybersecurity Vulnerability Analyst

General Motors - Warren, MI

posted 10 days ago

Full-time - Mid Level
Warren, MI
Transportation Equipment Manufacturing

About the position

The Product Cybersecurity Vulnerability Analyst at General Motors plays a critical role in safeguarding the cybersecurity posture of GM's products and systems. This position involves creating and maintaining security policies, ensuring compliance, and fostering a culture of security awareness within software development teams. The analyst will utilize advanced security tools to enforce risk-based policies and provide guidance on vulnerability management, contributing to the overall security of in-vehicle software development processes.

Responsibilities

  • Utilize GitHub Advanced Security and/or FOSSA to establish and enforce risk-based security policies.
  • Socialize security policies across different in-vehicle software development teams, fostering a culture of security awareness and accountability.
  • Provide remediation guidance and support to in-vehicle, mobile, and connected service software development teams.
  • Collaborate with cybersecurity specification owners to update and/or create vulnerability compliance requirements.
  • Develop commensurate process and training materials.
  • Stay abreast of the latest security threats, vulnerabilities, and attack techniques specific to the automotive industry.
  • Track the accurate creation and ingestion of security-related SBOMs from internal teams and suppliers.
  • Coordinate with preferred software composition analysis tooling vendor staff to integrate advanced security scanning features into Product Cybersecurity's vulnerability management program.
  • Participate in any supply chain security-related activities, as appropriate.

Requirements

  • Bachelor's degree in Computer Science, Cybersecurity, Software Engineering, or a related field.
  • 5+ years of relevant experience.
  • Minimum of 3+ years of post-graduation professional workplace Vulnerability Analyst experience.
  • Proven experience in developing and implementing security policies within software development environments.
  • Ability to learn and retain new skills to meet the demands of a rapidly changing technical environment.
  • Excellent collaboration and communication skills to work effectively with cross-functional teams.
  • High level of autonomy and ability to work independently, taking ownership of security initiatives.
  • Strong analytical mindset and problem-solving abilities to identify and address complex challenges.

Nice-to-haves

  • Interest in the automotive industry with a passion for leveraging technology to enhance vehicle security and safety.
  • Strong knowledge of GitHub Advanced Security and/or FOSSA for policy enforcement and vulnerability management.
  • Direct experience in a Security Operations Center or PSIRT.
  • Deep experience with CVEs, CWEs, CPEs, EPSS, MITRE ATT&CK, FIRST and related industry initiatives.
  • Dev SecOps experience.

Benefits

  • Health savings account
  • Paid holidays
  • Dental insurance
  • 401(k)
  • Tuition reimbursement
  • Paid time off
  • Parental leave
  • Vision insurance
  • 401(k) matching
  • Life insurance

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service