General Motors
Senior Cybersecurity Engineer–Governance, Risk & Compliance (GRC)
General Motors, Warren, Michigan, United States, 48091
Senior Cybersecurity Engineer – Governance, Risk & Compliance (GRC)
Experience a fulfilling role in our Governance, Risk & Compliance team at General Motors, where you will advance our cybersecurity maturity by developing next‑generation policies, negotiating security provisions, and ensuring resilience across the organization.
What You Will Do (Responsibilities)
Assist in development and modernization of cybersecurity policies, standards, and procedures in alignment with NIST CSF, ISO 27001, and other industry frameworks.
Manage departmental compliance to corporate policies and regulatory requirements.
Document, process, and remediate cybersecurity policy deviations.
Lead collaboration with procurement and legal to implement contractual cybersecurity requirements for third parties.
Serve as the security SME in contract negotiations and recommend approvals for deviation requests.
Evaluate and communicate security risks to stakeholders, detailing potential impacts.
Promote security awareness and conduct training sessions.
Provide strategic support to leadership by managing ad‑hoc requests and initiatives.
Develop and evolve executive‑level reports and dashboards illustrating third‑party risk posture, trends, and mitigation strategies.
Continuously enhance GRC workflow efficiencies to strengthen our program.
Promote a culture of learning through post‑mortem reviews, lessons learned, and stakeholder feedback.
Maintain strong partnerships with key internal and external stakeholders.
Your Skills & Abilities (Required Qualifications)
Bachelor's degree in Cybersecurity, Information Technology or related field.
Minimum 5 years of experience focused on GRC, policy development, or contract negotiation.
Strong understanding of frameworks such as NIST CSF, ISO 27001, PCI, CIS Controls.
Experience drafting, reviewing, and stakeholder‑engaging policies and standards.
Demonstrated ability to assess and interpret security controls in technical and business contexts.
People Skills
Excellent communication and negotiation skills.
Solid project management capabilities—including planning, tracking, and reporting.
Ability to work independently and collaboratively in a fast‑paced environment.
Preferred Qualifications (Competitive Advantage)
ServiceNow experience.
Regulated industry experience (automotive, financial services, healthcare, etc.).
Knowledge of third‑party risk management and supplier assurance processes.
Certifications such as CISSP, CISM, CRISC, or CIPP.
Familiarity with artificial intelligence concepts.
Other Information GM does not provide immigration‑related sponsorship for this role. The position is hybrid, requiring onsite presence at least 3 times per week, with relocation benefits potentially available. Salary range: $95,000–$115,000 (Southfield, MI).
All employment decisions are made on a non‑discriminatory basis under all applicable laws. Applicants may be required to complete assessments or pre‑employment screening before employment. For additional information, visit
Total Rewards resources
and
How we Hire .
General Motors offers accommodations to individuals with disabilities. Contact us at 800‑865‑7580 or email to request assistance.
#J-18808-Ljbffr
What You Will Do (Responsibilities)
Assist in development and modernization of cybersecurity policies, standards, and procedures in alignment with NIST CSF, ISO 27001, and other industry frameworks.
Manage departmental compliance to corporate policies and regulatory requirements.
Document, process, and remediate cybersecurity policy deviations.
Lead collaboration with procurement and legal to implement contractual cybersecurity requirements for third parties.
Serve as the security SME in contract negotiations and recommend approvals for deviation requests.
Evaluate and communicate security risks to stakeholders, detailing potential impacts.
Promote security awareness and conduct training sessions.
Provide strategic support to leadership by managing ad‑hoc requests and initiatives.
Develop and evolve executive‑level reports and dashboards illustrating third‑party risk posture, trends, and mitigation strategies.
Continuously enhance GRC workflow efficiencies to strengthen our program.
Promote a culture of learning through post‑mortem reviews, lessons learned, and stakeholder feedback.
Maintain strong partnerships with key internal and external stakeholders.
Your Skills & Abilities (Required Qualifications)
Bachelor's degree in Cybersecurity, Information Technology or related field.
Minimum 5 years of experience focused on GRC, policy development, or contract negotiation.
Strong understanding of frameworks such as NIST CSF, ISO 27001, PCI, CIS Controls.
Experience drafting, reviewing, and stakeholder‑engaging policies and standards.
Demonstrated ability to assess and interpret security controls in technical and business contexts.
People Skills
Excellent communication and negotiation skills.
Solid project management capabilities—including planning, tracking, and reporting.
Ability to work independently and collaboratively in a fast‑paced environment.
Preferred Qualifications (Competitive Advantage)
ServiceNow experience.
Regulated industry experience (automotive, financial services, healthcare, etc.).
Knowledge of third‑party risk management and supplier assurance processes.
Certifications such as CISSP, CISM, CRISC, or CIPP.
Familiarity with artificial intelligence concepts.
Other Information GM does not provide immigration‑related sponsorship for this role. The position is hybrid, requiring onsite presence at least 3 times per week, with relocation benefits potentially available. Salary range: $95,000–$115,000 (Southfield, MI).
All employment decisions are made on a non‑discriminatory basis under all applicable laws. Applicants may be required to complete assessments or pre‑employment screening before employment. For additional information, visit
Total Rewards resources
and
How we Hire .
General Motors offers accommodations to individuals with disabilities. Contact us at 800‑865‑7580 or email to request assistance.
#J-18808-Ljbffr