General Motors Senior Security Architect - ENG0031912 in Detroit, Michigan
The Vehicle Services Senior Security Architect is responsible for providing architectural support to the organization and guidance for project initiatives that include integrated technologies including server side and mobile applications communicating across telecommunications (cellular 4G, 3G, 2G plus wired) and data center networks (ethernet) with applicable security capabilities. The person is responsible for participating in the creation of a holistic approach to the reduction of risk throughout the environment. The Security Architect leads the development of enterprise-wide architectures and designs through consultation and collaboration with business, solution and platform teams.
–Leveraging leading security standards and practices for designing the future state solutions by understanding the business goals and by assessing the current state.
–Proposing the desired “to-be” architecture based on solid risk assessment and evaluation of available technology and controls.
–Evaluation of IT systems, appliances, and devices being proposed for use within the environment and their ability to meet GM’s security requirements, recommending mitigating controls for identified limitations and risks
–Working closely with Business Analysts, Solution and Platform Architects, Developers and Testers to ensure security requirements are effectively addressed in all phases of project lifecycles
–Assisting in the creation and maintenance of enterprise security policies, controls, and standards for technologies defined within the GM taxonomy
–Providing security architecture as a service in assistance to project teams and other architecture groups to ensure proper skills are applied where needed
–Assisting in identifying and assessing risk as part of the overall Risk Management process
–Solid experienced based knowledge and ability to apply the principles of application or infrastructure architectures, including the distinction between contextual, conceptual, logical and physical layers
–Understands and applies the distinction and dependencies between business, information, systems and technology architecture layers
–Proven experience based ability to design and develop IT solutions based on defined requirements in a large-scale multi-national organization
–Ability to evaluate and select various technologies for suitable inclusion in IT solution designs
–Ability to develop and comprehend abstract models of IT solution architectures, including various views of solution architectures
–Ability to review and contribute to the definition of functional and non-functional business requirements and translate these into clearly articulated architectural requirements in the context of the required solution
–Participates in the discovery, documentation and refinement of business requirements to ensure alignment with technically viable solution designs.
–Documents applicable assumptions related to the technical viability of defined and reviewed solutions. Validates these assumptions as needed to ensure solution appropriateness
–Validates current and future state architectural models and views as necessary to ensure availability of a thorough and robust comprehension of the assigned domain
–Participates in technical incident management and troubleshooting as needed
–Ability to work constructively as an individual or in groups with minimal supervision.
–Understands and can apply software engineering and application development methodologies in a complex multi-project environment.
–Subject matter expertise across applications, data, database, middleware, mainframe and midrange server computing, network (Intranet/Extranet/Internet), security, and client platform (Including mobile) IT products and services
The policy of General Motors is to extend opportunities to qualified applicants and employees on an equal basis regardless of an individual's age, race, color, sex, religion, national origin, disability, sexual orientation, gender identity/expression or veteran status. Additionally, General Motors is committed to being an Equal Employment Opportunity Employer and offers opportunities to all job seekers including individuals with disabilities. If you need a reasonable accommodation to assist with your job search or application for employment, email us at Careers.Accommodations@GM.com. In your email, please include a description of the specific accommodation you are requesting as well as the job title and requisition number of the position for which you are applying.
REQUIRED SKILLS & EXPERIENCE:
–Bachelor degree in Computer Science, Computer Engineering, or equivalent field/work experience
–Minimum 12-15 years’ experience in information security
–Minimum 5+ years’ experience in security architecture creating key artifacts including architectural principles, requirements traceability, use cases, patterns, reference architectures, elaboration, and network security designs and drawings.
–Minimum 5+ years’ experience in creation of technical security solutions including enterprise-level security systems for either networking, hosting, applications, or endpoint devices
–Demonstrated experience in developing contextual and conceptual, logical and physical architecture deliverables.
–Ability to make recommendations and influence decisions based risk reduction.
–Ability to work collaboratively with individuals within both the technical community and senior leadership.
–Experience in providing security solutions for APIs or 4G LTE infrastructure
–Experience with mobile and application security
–Very strong verbal and written communication skills.
–Strong facilitation and negotiation skills.
–Strong creativity and innovation skills.
–Certified Information Security Systems Professional (CISSP)
PREFERRED SKILLS & EXPERIENCE:
–Technical Master’s degree strongly preferred
–Desire to continuously learn and keep up to date on latest developments within the information security space
–Ability to conduct evaluations of alternative proposals to security architecture and facilitate decisions ensuring the best outcome for the GM IT and business environments
–Experience leading and directing technical teams in a global environment including design and development teams or solution architecture teams
–Ability to conduct fact-based evaluations of architecture alternatives, mediate opposing viewpoints and negotiate equitable outcomes that ensure stable solutions
–Broad experience based on understanding of the principles of application architecture, including the distinction between contextual, conceptual, logical, and physical layers and the distinction and dependencies between business, information, systems, and technology
–Career track record of engineering, developing (coding), deploying and maintaining business critical information technology solutions across a range of technical platforms
–Solid experience in strategic planning and project management
–Solid understanding of the SDLC process and ability to effectively develop and design solutions using a structured approach
–Demonstrated experience in using industry standards such as ISO/IEC 27001 and 27002, COBIT, and TOGAF
–CISSP-ISSAP, GSLC, CGEIT, GCIH, GPEN, GWAPT, CISA, or CRISC certifications