Product Cybersecurity Vulnerability Analyst

General Motors - Austin, TX

posted 9 days ago

Full-time
Austin, TX
Transportation Equipment Manufacturing

About the position

The Product Cybersecurity Vulnerability Analyst role at General Motors is focused on ensuring the cybersecurity posture of all GM products and systems. This position involves creating and maintaining security policies, fostering a culture of security awareness, and providing guidance to software development teams. The analyst will also stay updated on the latest security threats and collaborate with various teams to enhance the security of in-vehicle software development processes.

Responsibilities

  • Utilizing GitHub Advanced Security and/or FOSSA to establish and enforce risk-based security policies.
  • Socializing security policies across different in-vehicle software development teams, fostering a culture of security awareness and accountability.
  • Providing remediation guidance and support to in-vehicle, mobile, and connected service software development teams.
  • Collaborating with cybersecurity specification owners to update and/or create vulnerability compliance requirements.
  • Developing commensurate process and training materials.
  • Staying abreast of the latest security threats, vulnerabilities, and attack techniques specific to the automotive industry.
  • Tracking the accurate creation and ingestion of security-related SBOMs from internal teams and suppliers.
  • Coordinating with preferred software composition analysis tooling vendor staff to integrate advanced security scanning features into Product Cybersecurity's vulnerability management program.
  • Participating in any supply chain security-related activities, as appropriate.

Requirements

  • Bachelor's degree in Computer Science, Cybersecurity, Software Engineering, or a related field.
  • 5+ years of relevant experience.
  • Minimum of 3+ years of post-graduation professional workplace Vulnerability Analyst experience.
  • Proven experience in developing and implementing security policies within software development environments.
  • Ability to learn and retain new skills to meet the demands of a rapidly changing technical environment.
  • Excellent collaboration and communication skills to work effectively with cross-functional teams.
  • High level of autonomy and ability to work independently, taking ownership of security initiatives.
  • Strong analytical mindset and problem-solving abilities to identify and address complex challenges.

Nice-to-haves

  • Interest in the automotive industry with a passion for leveraging technology to enhance vehicle security and safety.
  • Strong knowledge of GitHub Advanced Security and/or FOSSA for policy enforcement and vulnerability management.
  • Direct experience in a Security Operations Center or PSIRT.
  • Deep experience with CVEs, CWEs, CPEs, EPSS, MITRE ATT&CK, FIRST and related industry initiatives.
  • Dev SecOps experience.

Benefits

  • Relocation benefits may be available.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service