Staff Product Cybersecurity Engineer - Vehicle Security

Job Description The Role GM’s Product Cybersecurity Team safeguards the security and integrity of our vehicle platforms, embedded systems, and connected services across the entire product lifecycle. Our mission is to proactively defend GM products against evolving cyber threats by engineering cybersecurity into every phase — from concept and architecture through development, validation, production, and in-field operation. We seek product cybersecurity professionals with advanced expertise in secure system design, embedded and automotive security, and risk-based threat analysis, capable of driving security-by-design principles, ensuring compliance with global regulations and standards, and strengthening the resilience of GM’s vehicles and mobility ecosystems. The Staff Product Cybersecurity Engineer defines and leads cybersecurity strategy for new technologies, highly complex features, and major improvements across current and future vehicle platforms. This role provides technical leadership to execution teams for the development, integration, and validation of cybersecurity controls, ensuring alignment with GM’s enterprise security architecture and standards. This is a high-impact, hands-on technical leadership role responsible for defining secure system architectures spanning vehicle ECUs, high-performance compute platforms, ADAS system, charging infrastructure, PKI ecosystems, and external partner interfaces. What You'll Do Cybersecurity Architecture Ownership Define cybersecurity goals, concepts, and technical roadmaps for: ADAS perception, cameras, radar, lidar, and compute domains. On-board chargers, EVSE, and GM Energy products. Architect secure end-to-end systems spanning: Linux-based ECUs (Yocto / AGL / Android Automotive OS). Vehicle networks (CAN, Ethernet, diagnostics). Define charging interfaces and backend ecosystems. Drive secure partitioning, privilege separation, process isolation, and access control models across high-performance compute and embedded platforms. Security Requirements Define and enforce cybersecurity requirements for: ADAS ECUs, sensors, compute platforms. Charging ECUs and Certificate Lifecycle Management (CLM). Plug & Charge (ISO 15118) implementations. Lead secure implementation guidance for: ISO 15118-2 / ISO 15118-20 (certificate handling, TLS, contract management). Secure vehicle communications (TLS, mutual TLS). Ensure regulatory compliance and alignment with ISO/SAE 21434 and UNECE R155 / R156. Threat Modeling & Risk Management Lead TARA, threat modeling, and security architecture reviews for: ADAS compute and autonomy features. Charging use cases (Plug & Charge, smart charging, bi-directional charging). Vehicle-to-cloud and vehicle-to-charger ecosystems. Evaluate risks across: In-vehicle networks Edge devices PKI infrastructure Backend APIs and third-party integrations Provide risk-based design recommendations balancing security, safety, and product constraints. PKI, Cryptography & Secure Communications Define PKI architectures supporting Plug & Charge and charging ecosystems. Specify certificate lifecycle management, key provisioning, secure storage (HSM / secure elements). Drive secure TLS/mTLS implementations across vehicle, charger, and cloud domains. Oversee cryptographic controls for: Contract certificates Backend trust chains ECU authentication mechanisms Secure Linux & Platform Hardening (ADAS Compute) Design and maintain SELinux security policies for Linux-based ECUs. Harden OS configurations: Kernel security configuration System sandboxing Secure boot and chain-of-trust. Review containerization, virtualization, and hypervisor security strategies for ADAS compute platforms. Cross-Functional & Supplier Leadership Partner with system architects, software teams, validation, and cloud engineering. Review supplier security concepts and evidence packages. Provide clear technical guidance and design feedback. Translate complex risks into actionable engineering requirements. Incident Response & Post-Launch Security Support vulnerability assessments and coordinated disclosure. Participate in root-cause analysis and mitigation strategy definition. Contribute to long-term product cybersecurity strategy for ADAS and GM Energy. Your Skills & Abilities (Required Qualifications)  Bachelor’s degree in Computer Engineering, Electrical Engineering, Computer Science, or related field. 7 years of experience in automotive or embedded cybersecurity. Experience with ADAS / autonomy platforms. Strong knowledge of: ISO/SAE 21434 UNECE R155 / R156 Automotive E/E architectures Hands-on experience with: Secure communications (TLS, mTLS, SecOC). PKI, digital certificates, and key management. CAN, UDS, Ethernet, or automotive diagnostics. Experience securing embedded Linux platforms (SELinux, Yocto, OS hardening). Proficient in at least one of the following programming languages: C, C , Python, Go, or Java. Experience with: HSMs and secure elements. Secure boot and hardware root of trust. Strong system-level thinking and ability to drive secure architecture decisions. GM does not provide immigration-related sponsorship for this role. Do not apply for this role if you will need GM immigration sponsorship now or in the future. This includes direct company sponsorship, entry of GM as the immigration employer of record on a government form, and any work authorization requiring a written submission or other immigration support from the company (e.g., H1-B, OPT, STEM OPT, CPT, TN, J-1, etc). This role is categorized as hybrid. This means the selected candidate is expected to report to a specific location at least 3 times a week {or other frequency dictated by their manager}. This job may be eligible for relocation benefits. About GM Our vision is a world with Zero Crashes, Zero Emissions and Zero Congestion and we embrace the responsibility to lead the change that will make our world better, safer and more equitable for all. Why Join Us We believe we all must make a choice every day – individually and collectively – to drive meaningful change through our words, our deeds and our culture. Every day, we want every employee to feel they belong to one General Motors team. Benefits Overview From day one, we're looking out for your well-being–at work and at home–so you can focus on realizing your ambitions. Learn how GM supports a rewarding career that rewards you personally by visiting Total Rewards resources. Non-Discrimination and Equal Employment Opportunities (U.S.) General Motors is committed to being a workplace that is not only free of unlawful discrimination, but one that genuinely fosters inclusion and belonging. We strongly believe that providing an inclusive workplace creates an environment in which our employees can thrive and develop better products for our customers. All employment decisions are made on a non-discriminatory basis without regard to sex, race, color, national origin, citizenship status, religion, age, disability, pregnancy or maternity status, sexual orientation, gender identity, status as a veteran or protected veteran, or any other similarly protected status in accordance with federal, state and local laws. We encourage interested candidates to review the key responsibilities and qualifications for each role and apply for any positions that match their skills and capabilities. Applicants in the recruitment process may be required, where applicable, to successfully complete a role-related assessment(s) and/or a pre-employment screening prior to beginning employment. To learn more, visit How we Hire. Accommodations General Motors offers opportunities to all job seekers including individuals with disabilities. If you need a reasonable accommodation to assist with your job search or application for employment, email us or call us at 1-800-865-7580. In your email, please include a description of the specific accommodation you are requesting as well as the job title and requisition number of the position for which you are applying. We are leading the change to make our world better, safer and more equitable for all through our actions and how we behave. Learn more about: Our Company Our Culture How we hire Our diverse team of employees bring their collective passion for engineering, technology and design to deliver on our vision of a world with Zero Crashes, Zero Emissions and Zero Congestion. We are looking for adventure-seekers and imaginative thought leaders to help us transform mobility. Explore our global locations We are determined to lead change for the world through technology, ingenuity and harnessing the creativity of our diverse team. Join us to help lead the change that will make our world better, safer and more equitable for all by becoming a member of GM’s Talent Community (beamery.com). As a part of our Talent Community, you will receive updates about GM, open roles, career insights and more. Please note that filling out the form below will not add you to our Talent Community automatically; you will need to use the link above. If you are seeking to apply to a specific role, we encourage you to click “Apply Now” on the job posting of interest.