Senior Cybersecurity Engineer-Governance, Risk & Compliance (GRC)

Description

The Role:

General Motors is seeking a highly motivated and well-rounded Senior Cybersecurity Engineer to join our Governance, Risk & Compliance (GRC) team. This role is critical to advancing GM’s cybersecurity maturity by supporting the development of next-generation cybersecurity policies and standards, and by negotiating security provisions in third-party contracts.

The successful candidate will collaborate with internal stakeholders and external partners to ensure GM’s cybersecurity posture remains resilient, compliant, and forward-looking. In this role you will perform complex assignments requiring a wider application of security principles, theories and concept. You will interact with senior internal leadership. May lead and provide direction to a team of individuals. Expected to influence without direct control. You will work with independence, though some support and advice is readily available from the manager.

During the year you will set short term objectives and guidelines in support of security strategy, which have a direct impact on Security's overall results. You will holds yourself and others accountable for demonstrating GMs values and cultural behaviors. Models GM behaviors and creates a winning culture.

What You'll Do (Responsibilities):

Assist in the development and modernization of cybersecurity policies, standards, and procedures while ensuring alignment with industry frameworks (NIST CSF, ISO 27001).

Manage departmental compliance to corporate policies, regulatory requirements, and NIST cybersecurity frameworks.

Document and process cybersecurity policy deviations, including associated risks, and remediation plans.

Lead collaboration efforts with the procurement and legal teams to ensure implementation of contractual cybersecurity requirements for third parties.

Serving as the security Subject Matter Expert in contract negotiations and making approval recommendations on deviation requests.

Evaluating, and clearly articulating, identified Security risks to stakeholders and the potential impact to GM.

Promoting security awareness campaigns, and conducting training.

Provide strategic support to leadership by managing ad-hoc requests and initiatives aimed at advancing departmental objectives and operational excellence.

Develop and evolve executive-level reports and dashboards that illustrate third-party risk posture, trends, and mitigation strategies.

Continuously enhance and drive efficiencies in GRC process workflows to strengthen GM’s cybersecurity program in response to emerging threats, regulatory changes, and industry trends.

Promote a culture of continuous learning and improvement through postmortem reviews, documenting lessons learned, and analyzing stakeholder feedback.

Maintaining and fostering strong partnerships with key stakeholders, both inside of GM and external to the company.

Your Skills & Abilities (Required Qualifications):

Bachelor’s degree in Cybersecurity, Information Technology, or related field

Minimum of 5 years of experience in cybersecurity, with a focus on GRC, policy development, or contract negotiation

Strong understanding of security frameworks such as NIST CSF, ISO 27001, PCI, and CIS Controls

Proven experience in policy and standards creation, including drafting, reviewing, and stakeholder engagement

Demonstrated ability to assess and interpret security controls in technical and business contexts

People Skills:

Excellent communication and negotiation skills

Solid project management capabilities, including planning, tracking, and reporting

Ability to work independently and collaboratively in a fast-paced, dynamic environment

What Will Give You A Competitive Advantage (Preferred Qualifications):

ServiceNow experience

Experience working in a regulated industry (automotive, financial services, healthcare, etc.)

Knowledgeable in third-party risk management and supplier assurance processes

Certifications such as CISSP, CISM, CRISC, or CIPP

Familiarity with artificial intelligence concepts

#LI-DH2

GM does not provide immigration-related sponsorship for this role. Do not apply for this role if you will need GM immigration sponsorship now or in the future. This includes direct company sponsorship, entry of GM as the immigration employer of record on a government form, and any work authorization requiring a written submission or other immigration support from the company (e.g., H1-B, OPT, STEM OPT, CPT, TN, J-1, etc.)

This role is categorized as hybrid. This means the selected candidate is expected to report to a specific location at least 3 times a week {or other frequency dictated by their manager}.

This job may be eligible for relocation benefits.

About GM

Our vision is a world with Zero Crashes, Zero Emissions and Zero Congestion and we embrace the responsibility to lead the change that will make our world better, safer and more equitable for all.

Why Join Us

We believe we all must make a choice every day – individually and collectively – to drive meaningful change through our words, our deeds and our culture. Every day, we want every employee to feel they belong to one General Motors team.

Total Rewards | Benefits Overview

From day one, we're looking out for your well-being–at work and at home–so you can focus on realizing your ambitions. Learn how GM supports a rewarding career that rewards you personally by visiting Total Rewards resources.

Non-Discrimination and Equal Employment Opportunities (U.S.)

General Motors is committed to being a workplace that is not only free of unlawful discrimination, but one that genuinely fosters inclusion and belonging. We strongly believe that providing an inclusive workplace creates an environment in which our employees can thrive and develop better products for our customers.

All employment decisions are made on a non-discriminatory basis without regard to sex, race, color, national origin, citizenship status, religion, age, disability, pregnancy or maternity status, sexual orientation, gender identity, status as a veteran or protected veteran, or any other similarly protected status in accordance with federal, state and local laws.

We encourage interested candidates to review the key responsibilities and qualifications for each role and apply for any positions that match their skills and capabilities. Applicants in the recruitment process may be required, where applicable, to successfully complete a role-related assessment(s) and/or a pre-employment screening prior to beginning employment. To learn more, visit How we Hire.

Accommodations

General Motors offers opportunities to all job seekers including individuals with disabilities. If you need a reasonable accommodation to assist with your job search or application for employment, email us [email protected] or call us at 800-865-7580. In your email, please include a description of the specific accommodation you are requesting as well as the job title and requisition number of the position for which you are applying.