Security Engineer - Application Security

General Motor
September 22, 2023
Offerd Salary:Negotiation
Working address:N/A
Contract Type:Other
Working Time:Negotigation
Working type:N/A
Ref info:N/A
Description Work Arrangement:

This is a Hybrid position. The role will allow employees to work offsite but will also require onsite work based on business needs. The selected candidate will be expected to commute to the innovation center to which they are assigned as their primary GM facility. This position requires an employee to be onsite 1-3 times per week.

About the General Motors Security team

GM's Information Security and Risk Management Team protects and defends the company's information, networks and infrastructure. We are looking for talented Information Security and Risk Management Professionals in the fields of incident response, cyber-intelligence, enterprise security architecture, digital forensics, application security and compliance with the passion and expertise to perform in a complex, global environment amidst today's evolving threat landscape.

About the role

This role supports the activities of the Cyber Defense team which is responsible for protecting against threats and vulnerabilities, detecting, analyzing, and containing attacks on GM's digital information and infrastructure. This role will be responsible for testing the design and effectiveness of security controls of information systems, networks and applications within the GM environment. This role will be required to perform hands-on, technical penetration and ethical hacking tests of all facets of the GM environment.

What You'll Do:

  • Lead application security functions, developing and driving programmatic efforts to address external, internal, and emerging application security risks throughout the organization.
  • Conduct security assessments of application, network, and computing architecture before and after applications are deployed in.
  • Communicate technical application security control concepts to team members, including developers, architects, and managers.
  • Perform security evaluations, penetration testing, and reviews to identify vulnerabilities and weaknesses.
  • Serve as the overall API technology expert within Information Services to drive digital transformation through APIs across the enterprise accelerating products and services for our members and employees
  • Design and implement security solutions for our APIs and applications
  • Conduct security assessments and audits of API-based and application-based applications
  • Identify and assess API security and application security risks and vulnerabilities
  • Integrate API security and application security solutions with existing enterprise security infrastructure
  • Conduct security testing techniques such as SAST, DAST, and open-source component analysis
  • Ensure compliance with industry-standard security protocols and technologies such as OAuth, JWT, SSL/TLS, OWASP Top 10, etc
  • Develop and maintain documentation related to API and application security policies and procedures
  • Collaborate with cross-functional teams to implement effective security solutions
  • Stay up-to-date with the latest security trends, threats, and vulnerabilities
  • Additional Description Your Skills & Abilities (Required Qualifications)
  • Bachelor's degree in Information Systems or related field with adequate experience in the field of information security is acceptable.
  • 3-5 years hands-on experience in either: cyber defense, penetration testing, or vulnerability management
  • Programming experience in Java, C++, Perl or Python
  • Experience with white-box or gray-box testing
  • Experience with application security source code reviews
  • Advanced knowledge of operating system and database security (Windows, Unix, Linux, SQL, and Oracle etc.)
  • Experience in the security aspects of multiple platforms, operating systems, software, communications, and network protocols
  • Hands-on experience with commercial and open-source network and application security testing tools
  • Demonstrated sound written and verbal communication skills.
  • Extensive ability to transform technical concepts into usable documented material for non-technical users
  • Work on multiple projects simultaneously, set priorities and meet deadlines
  • Work independently and manage workload with organization to meet expectations and objectives.
  • Absorb, retain and organize information gathered from multiple sources and in a variety of formats.
  • High level of integrity in dealing with confidential and sensitive information.
  • What Will Give You A Competitive Edge (Preferred Qualifications)
  • Master's degree in a relevant field
  • Experience developing exploits
  • Obtained certifications in one or more of the following preferred:

    About GM

    Our vision is a world with Zero Crashes, Zero Emissions and Zero Congestion and we embrace the responsibility to lead the change that will make our world better, safer and more equitable for all.

    Why Join Us

    We aspire to be the most inclusive company in the world. We believe we all must make a choice every day – individually and collectively – to drive meaningful change through our words, our deeds and our culture. Our Work Appropriately philosophy supports our foundation of inclusion and provides employees the flexibility to work where they can have the greatest impact on achieving our goals, dependent on role needs. Every day, we want every employee, no matter their background, ethnicity, preferences, or location, to feel they belong to one General Motors team.

    Total Rewards Benefits Overview

    From day one, we're looking out for your well-being–at work and at home–so you can focus on realizing your ambitions. Learn how GM supports a rewarding career that rewards you personally by visiting Total Rewards resources.

    Diversity Information

    General Motors is committed to being a workplace that is not only free of discrimination, but one that genuinely fosters inclusion and belonging. We strongly believe that workforce diversity creates an environment in which our employees can thrive and develop better products for our customers. We understand and embrace the variety through which people gain experiences whether through professional, personal, educational, or volunteer opportunities. GM is proud to be an equal opportunity employer.

    We encourage interested candidates to review the key responsibilities and qualifications and apply for any positions that match your skills and capabilities.

    Equal Employment Opportunity Statements

    The policy of General Motors is to extend opportunities to qualified applicants and employees on an equal basis regardless of an individual's age, race, color, sex, religion, national origin, disability, sexual orientation, gender identity/expression or veteran status. Additionally, General Motors is committed to being an Equal Employment Opportunity (EEO) Employer and offers opportunities to all job seekers including individuals with disabilities. If you need a reasonable accommodation to assist with your job search or application for employment, email us at [email protected] or call us at 800-865-7580. In your email, please include a description of the specific accommodation you are requesting as well as the job title and requisition number of the position for which you are applying.

    From this employer

    Recent blogs

    Recent news