Senior Cybersecurity Engineer – Governance, Risk & Compliance
General Motors
Cyber SecurityServiceNow
Security Architect
BCM One
full-time
Posted on:
Location Type: Hybrid
Location: Alpharetta • Missouri, Pennsylvania, Virginia • 🇺🇸 United States
Visit company websiteJob Level
SeniorLead
Tech Stack
SDLC
About the role
- Define and execute the company’s multi-year security architecture strategy and roadmap.
- Design, build, and implement enterprise-class security systems and architectures for all networks, applications, and infrastructure.
- Lead, mentor, and develop a high-performing security function that needs to scale with the company's growth.
- Promote security best practices and technology advancements across IT, Engineering, and corporate teams.
- Proactively identify gaps, risks, and challenges in security practices; recommend and implement strategic solutions.
- Perform security reviews, lead vulnerability testing, and conduct risk assessments.
- Develop and maintain risk management plans, incident response procedures, and business continuity protocols.
- Serve as the Tier 3 escalation point for critical security alerts, leading investigation, containment, and mitigation.
- Deploy, monitor, and continually improve security tools, controls, and operational processes.
- Make data-driven decisions on security investments and technology adoption.
- Partner with Engineering to integrate security into the software development lifecycle (SDLC).
- Collaborate with Legal, Privacy, and GRC teams to ensure compliance with SOC 2, ISO 27001, GDPR, and Cyber Essentials Plus.
- Present security posture, risks, and recommendations to executive leadership in clear, business-aligned terms.
- Manage security vendors, tools, and budgets to optimize outcomes and cost efficiency.
Requirements
- 10+ years of progressive experience in Information Security, with a strong focus on security architecture
- 5+ years of demonstrated experience as the SME leading and scaling security programs during periods of high-volume company growth (preferably at large, established enterprises)
- Expert knowledge of security architectures across diverse technology stacks including: SOC2, ISO 27001, GDPR, NIST, etc.
- Proven ability to design and implement enterprise-class security systems
- Strong communication skills, with the ability to influence and present effectively across executive and technical audiences
- Analytical and problem-solving abilities with a data-driven decision-making approach
- Demonstrated success leading cross-functional teams in complex environments
- Bachelor’s degree in Computer Science, Information Security, or a related field required
- Master’s degree (or equivalent experience) in Computer Science, Information Security, or related field preferred
- Professional certifications such as CISSP, CISM, CISA, or CEH strongly preferred
Benefits
- Competitive industry salaries
- Comprehensive medical, dental, and vision insurance
- Company-provided life and disability insurance
- Matching 401 (k) plan
- Employee Emergency Assistance Fund
- Paid holidays and vacation time
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
security architectureenterprise-class security systemsvulnerability testingrisk assessmentsincident response proceduresbusiness continuity protocolssecurity toolsdata-driven decision makingsoftware development lifecycle (SDLC)security best practices
Soft skills
leadershipmentoringcommunicationanalytical skillsproblem-solvinginfluencingcollaborationpresentation skillscross-functional team leadershiporganizational skills
Certifications
CISSPCISMCISACEH
