Hybrid - This role is categorized as hybrid. This means the successful candidate is expected to report to their primary location three times per week, at minimum, or other frequency dictated by the business.
The Team:
In recent years, GM Information Technology has successfully executed the largest IT transformation in the history of the automotive industry, fully insourcing what once was a nearly completely outsourced IT function. Today GM IT is a dynamic and fast paced organization that designs, develops and maintains all IT infrastructure, applications and solutions enabling GM’s global operations. From designing and building the next generation of electric and other vehicles to developing a world-class GM experience for our dealers and customers, GM IT is driving real change in the most iconic automaker on the planet.
Our team delivers unique enterprise-wide IT solutions in cutting-edge technologies such as mobility, telematics, mission-critical business systems, supercomputing, cloud, vehicle engineering and real-time computing. We offer challenging positions for passionate professionals looking to advance their careers and be a part of an IT organization focused on innovation, speed and business value.
The Role:
The Sr. Cybersecurity Engineer- Controls Assurance is responsible for conducting and leading, assessments of IT Controls across varying platforms, including mainframe, mid-range, and cloud environments, and associated technology components (e.g. applications, infrastructure, network, middleware, database, etc.). Assessment activities are conducted primarily to ensure compliance with various legal and regulatory requirements, as well as, adherence to various Corporate Policies, Industry Standards / Maturity Models, or other requirements set forth by IT management.
This role also involves leading and executing projects as assigned, and involves interacting with and engaging technical IT personnel outside of the immediate workgroup. All work is performed in a corporate environment, which is global in nature, and involves executing standard auditing methodologies, processes, and tools in the areas of audit planning, field work, data analysis, reporting, work paper documentation, and quality assurance (QA). This role requires advanced Mainframe OS and Security Tool Administrative, as well as very strong data manipulation skills (MS Excel) to extract and evaluate technical information used to perform compliance assessments.
In this role you will perform complex assignments requiring a wider application of security principles, theories and concept. You will interact with senior internal leadership. May lead and provide direction to a team of individuals. Expected to influence without direct control. You will work with independence, though some support and advice is readily available from the manager. During the year, you will set short term objectives and guidelines in support of IT security strategy, which have a direct impact on IT Security's overall results. You will hold yourself and others accountable for demonstrating GMs values and cultural behaviors.
What You'll Do (Responsibilities):
- Develop a high-level understanding of the control environment (e.g. function and design).
- Follow the existing assessment objectives and scope of control testing.
- Execute field work and collect / analyze evidence.
- Conclude on the adequacy of the control design and operating effectiveness.
- Document findings and conclusions.
- Report the status and results of the assessment.
- Understand and maintain compliance with GM standards and industry standard methodology.
- Holds themselves and others accountable for demonstrating GMs values and cultural behaviors.
- Models GM behaviors and crafts a winning culture.
