Application Security Engineer

Job Description

The Role:
You will strengthen GMs software security posture by building and operating automated controls and validations integrated into CI/CD and development workflows. You may specialize in one or more areassuch as static analysis (SAST) dynamic and API testing (DAST/API) container/cloudnative security or software supply chain securitybut the core of the role is the same: reduce risk through highquality automation targeted validation and actionable guidance for engineering teams.

What Youll Do (Responsibilities):

• Build and maintain automated security checks and validations in CI/CD (e.g. code and secret scanning API/spec validation dynamic testing image/IaC scanning dependency/SBOM signals); continuously improve precision and developer experience.
• Validate risk with targeted manual review where automation is insufficient; produce clear reproducible findings with severity impact and pragmatic remediation; confirm fixes and risk reduction.
• Partner with product platform and cloud teams to embed securebydesign patterns guardrails and reference guidance that prevent recurring issues and streamline remediation.
• Measure and improve outcomes (coverage falsepositive rate meantimetoremediate); tune policies and workflows to focus effort on the highestvalue risks.
• Contribute domain expertise in one or more lanes:
  • SAST and code security
  • DAST/API testing and runtime validation
  • Container/cloudnative security and runtime policies
  • Software supply chain (dependency governance SBOM provenance/attestation)

Your Skills & Abilities (Required Qualifications):

• 2 years of handson experience in application security security assurance vulnerability management or related domains
• Working knowledge of common vulnerability classes and secure coding practices (e.g. OWASP Top 10; familiarity with CWE/CVE concepts)
• Experience integrating security checks into build/release workflows and using scripting/automation to scale (e.g. Python shell or similar)

People Skills:

• Strong analytical and communication skills; able to translate complex issues into clear actionable guidance for both technical and nontechnical audiences
• High level of integrity handling confidential and sensitive information; ability to manage multiple priorities with minimal supervision

What Will Give You A Competitive Edge (Preferred Qualifications):

• Bachelors degree in Computer Science Cybersecurity Information Technology or related discipline
• Prior experience specializing in one or more areas: SAST DAST/API container/cloudnative security or software supply chain security
• Experience building repeatable developerfriendly automations and policies in large engineering environments
• Relevant certifications (e.g. Security CSSLP GIAC or equivalent)
• Familiarity with modern cloud platforms infrastructureascode and CI/CD design patterns

#LI-DH2

About GM

Our vision is a world with Zero Crashes Zero Emissions and Zero Congestion and we embrace the responsibility to lead the change that will make our world better safer and more equitable for all.

Why Join Us

We believe we all must make a choice every day individually and collectively to drive meaningful change through our words our deeds and our culture. Every day we want every employee to feel they belong to one General Motors team.

Benefits Overview

From day one were looking out for your well-beingat work and at homeso you can focus on realizing your ambitions. Learn how GM supports a rewarding career that rewards you personally by visiting Total Rewards resources.

Non-Discrimination and Equal Employment Opportunities (U.S.)

General Motors is committed to being a workplace that is not only free of unlawful discrimination but one that genuinely fosters inclusion and belonging. We strongly believe that providing an inclusive workplace creates an environment in which our employees can thrive and develop better products for our customers.

All employment decisions are made on a non-discriminatory basis without regard to sex race color national origin citizenship status religion age disability pregnancy or maternity status sexual orientation gender identity status as a veteran or protected veteran or any other similarly protected status in accordance with federal state and local laws.

We encourage interested candidates to review the key responsibilities and qualifications for each role and apply for any positions that match their skills and capabilities. Applicants in the recruitment process may be required where applicable to successfully complete a role-related assessment(s) and/or a pre-employment screening prior to beginning employment. To learn more visit How we Hire.

Accommodations

General Motors offers opportunities to all job seekers including individuals with disabilities. If you need a reasonable accommodation to assist with your job search or application for employment email us or call us your email please include a description of the specific accommodation you are requesting as well as the job title and requisition number of the position for which you are applying.