Job Description

AtBrightDrop, we are reshaping e-commerce by developing smarter, greener, and more efficient ways to deliver goods and services to your door, while delivering a brighter future for the cities where we live. We are building an ecosystem of all-electric, zero-emissions delivery solutions - from electric vehicles, toePalletsandsoftware that leverages real-time data todrive intelligent optimizationsfor e-commerce. To deliver on our mission we are growing fast and building a team, based inPalo Alto,with offices in Atlanta and Detroit,that is customer-focused, agile and passionate about innovating for a more sustainable future.

From engineering to product managementandoperations,BrightDropis looking for people who can combine a passion for technology and sustainability with high doses of curiosity and rigorous thinking to deliver a better future.

Backed by General Motors,BrightDropis striving to improve the communities where we live and deliver a better future for generations to come. We hope you'll join us.

The Product Security team at BrightDrop ensures the security of our products and services and as domain experts for our engineering teams and IT teas to protect our customers' data in today's dynamic threat landscape. We are a team of highly skilled security engineers that specialize in security research, penetration testing, and security architecture. We evaluate a broad range of technologies including complex web applications, IoT platform, distributed processing, Cloud environments and isolation of entrusted code.

As a Principal Engineer of Product Security you will lead the effort to secure entire product portfolio adapting Shift Left approach. Your passion for security and in-depth knowledge of Product Security will ensure that you deliver high impact results.

Responsibilities:

• Lead Threat Modeling and Penetration testing programs.
  

• Perform Security Design Reviews and Secure Code Reviews
  
• Design and Rollout Security Training Program to foster a culture of software security.
  
• Build and maintain technical guidelines and security best practices
  
• Perform black-box penetration testing and code reviews of our flagship services, product offerings and partners' applications.
  
• Participate in our incident response and vulnerability remediation efforts.Maintain the vulnerability management system and ensure compliance on SLAs for security bugs with engineering teams.
  
• Evaluate application security tools for internal consumption. Prototype new automation and tooling to improve our detection and prevention capabilities

Additional Job Description

REQUIREMENTS:

• B.S. or M.S. in Computer Science, Electrical Engineering or related experience.
  
• At least 8+ years of experience in Product Security and 3+ years of experience being a Technical Product Security Lead.
  
• Demonstrated success and influence in the Product Security space. Experience defining security policy, technology requirements, and control objectives.
  
• Experience in implementing Secure SDLC
  
• Lead DevSecOps by integrating SAST, DAST and SCA tools with CI/CD pipeline
  
• Demonstrated ability to write clear and comprehensive technical security content. In-depth experience identifying and protecting against web application and web service security vulnerabilities including those found in the OWASP Top 10 IoT Top 10 and CWE Top 25.
  
• Meaningful experience in High level programming languages (C, C++, Java, Python).
  
• Solid knowledge of the browser security model, crypto, and network security.
  
• Expert knowledge of secure infrastructure architectures, application architectures, encryption and and broader security technologies.
  
• Knowledge of a broad spectrum range of attack vectors, exploits and mitigations. Outstanding detail-oriented organizational skills. Strong quantitative and analytical skills, proven ability to track and successfully complete complex security programs. Strong influencing skills with an ability to motivate and drive others to succeed.

The salary range for compensation is (112,142 - 175,401 USD Annual ).It could be filled with a Sr. level, Staff or Principal candidate and salary can be based on degree type and experience

Bonus Potential: An incentive pay program offers payouts based on company performance, job level, and individual performance. Benefits:

Benefits: GM offers a variety of health and wellbeing benefit programs. Benefit options include medical, dental, vision, Health Savings Account, Flexible Spending Accounts, retirement savings plan, sickness and accident benefits, life insurance, paid vacation & holidays, tuition assistance programs, employee assistance program, GM vehicle discounts and more.

#LI-Hybrid

About GM

Our vision is a world with Zero Crashes, Zero Emissions and Zero Congestion and we embrace the responsibility to lead the change that will make our world better, safer and more equitable for all.

Why Join Us

We aspire to be the most inclusive company in the world. We believe we all must make a choice every day - individually and collectively - to drive meaningful change through our words, our deeds and our culture. Our Work Appropriately philosophy supports our foundation of inclusion and provides employees the flexibility to work where they can have the greatest impact on achieving our goals, dependent on role needs. Every day, we want every employee, no matter their background, ethnicity, preferences, or location, to feel they belong to one General Motors team.

Benefits Overview

The goal of the General Motors total rewards program is to support the health and well-being of you and your family. Our comprehensive compensation plan incudes, the following benefits, in addition to many others:

• Paid time off including vacation days, holidays, and parental leave for mothers, fathers and adoptive parents;
• Healthcare (including a triple tax advantaged health savings account and wellness incentive), dental, vision and life insurance plans to cover you and your family;
• Company and matching contributions to 401K savings plan to help you save for retirement;
• Global recognition program for peers and leaders to recognize and be recognized for results and behaviors that reflect our company values;
• Tuition assistance and student loan refinancing;
• Discount on GM vehicles for you, your family and friends.

Diversity Information

General Motors is committed to being a workplace that is not only free of discrimination, but one that genuinely fosters inclusion and belonging. We strongly believe that workforce diversity creates an environment in which our employees can thrive and develop better products for our customers. We understand and embrace the variety through which people gain experiences whether through professional, personal, educational, or volunteer opportunities.GM is proud to be an equal opportunity employer.

We encourage interested candidates to review the key responsibilities and qualifications and apply for any positions that match your skills and capabilities.

Equal Employment Opportunity Statements

GMis an equal opportunity employer and complies with all applicable federal, state, and local fair employment practices laws. GM is committed to providing a work environment free from unlawful discrimination and advancing equal employment opportunities for all qualified individuals. As part of this commitment, all practices and decisions relating to terms and conditions of employment, including, but not limited to, recruiting, hiring, training, promotion, discipline, compensation, benefits, and termination of employment are made without regard to an individual's protected characteristics. For purposes of this policy, "protected characteristics" include an individual's actual or perceived race, color, creed, religion, national origin, ancestry, citizenship status, age, sex or gender (including pregnancy, childbirth, lactation and related medical conditions), gender identity or gender expression, sexual orientation, weight, height, marital status, military service and veteran status, physical or mental disability, protected medical condition as defined by applicable state or local law, genetic information, or any other characteristic protected by applicable federal, state or local laws and ordinances. If you need a reasonable accommodation to assist with your job search or application for employment, email us atCareers.Accommodations@GM.comor call us at 800-865-7580. In your email, please include a description of the specific accommodation you are requesting as well as the job title and requisition number of the position for which you are applying.