Product Cybersecurity Penetration Tester
Company: General Motors
Posted on: November 22, 2021
This is a unique opportunity on the Product Cybersecurity Red Team
to pen-test and assess security controls on the latest and next gen
vehicles. This is a highly technical position and requires a highly
motivated individual, with ability to perform security
vulnerability assessments and embedded penetration testing:
* Perform embedded security pen-test activities, both automated and
manual, to identify and exploit vulnerabilities in vehicle ECUs,
applications, and network components to reduce risk and improve
product cybersecurity posture.
* Carry out reverse engineering on embedded devices firmware to
identify and exploit vulnerabilities.
* Defining pen-test methodologies with a combination of automated
and manual tools.
* Provide recommendation to mitigate security risks and fix
* Demonstrate creative analysis techniques in distilling test
results, eliminating false positives and providing actionable
recommendations for mitigation.
* Serve as subject matter expert and resource on security exploits
and containment approaches.
* Research emerging vulnerabilities and develop proof-of-concept
(POC) as needed.
* Develop custom tools to support penetration testing as
* Evaluation and selection of external vendors and tools.
* Help guide 3rd party vendors with security assessments and
provide coordination and support as needed.
* Document technical and logical security findings identified
during the security assessments and report them in a timely
Additional Job Description
* Penetration testing experience
* Hardware and embedded system hacking
* Reverse engineering embedded systems and source code review
* Proficiency in at least one of the following languages: C, C++,
Java, or Python.
* Knowledge with use of JTAG/UART and on-chip Debuggers
* Experience with real-time and POSIX oriented operating systems
(Linux, Android, and QNX)
* Must have strong teamwork orientation and the ability to foster
collaboration within and across teams
* Experience with Vulnerability assessments and penetration
* In-depth knowledge with wireless protocols, Wi-Fi, Bluetooth, and
* Reverse engineering Linux and/or Android based software
* Experience with common automotive communication protocols (e.g.,
CAN/LIN, UDS/DoIP, Ethernet, immobilization etc.)
* Security cryptography fundamentals - PKI, certificates,
encryption, signatures, authentication, and authorization.
* Experience with OS internals, virtualization, or container
* Experience with network protocols: TCP/IP, HTTP, (OSI model)
Our vision is a world with Zero Crashes, Zero Emissions and Zero
Congestion and we embrace the responsibility to lead the change
that will make our world better, safer and more equitable for
Why Join Us
We aspire to be the most inclusive company in the world. We believe
we all must make a choice every day - individually and collectively
- to drive meaningful change through our words, our deeds and our
culture. Our Work Appropriately philosophy supports our foundation
of inclusion and provides employees the flexibility to work where
they can have the greatest impact on achieving our goals, dependent
on role needs. Every day, we want every employee, no matter their
background, ethnicity, preferences, or location, to feel they
belong to one General Motors team.
The goal of the General Motors total rewards program is to support
the health and well-being of you and your family. Our comprehensive
compensation plan incudes, the following benefits, in addition to
* Paid time off including vacation days, holidays, and parental
leave for mothers, fathers and adoptive parents;
* Healthcare (including a triple tax advantaged health savings
account and wellness incentive), dental, vision and life insurance
plans to cover you and your family;
* Company and matching contributions to 401K savings plan to help
you save for retirement;
* Global recognition program for peers and leaders to recognize and
be recognized for results and behaviors that reflect our company
* Tuition assistance and student loan refinancing;
* Discount on GM vehicles for you, your family and friends.
General Motors is committed to being a workplace that is not only
free of discrimination, but one that genuinely fosters inclusion
and belonging. We strongly believe that workforce diversity creates
an environment in which our employees can thrive and develop better
products for our customers. We understand and embrace the variety
through which people gain experiences whether through professional,
personal, educational, or volunteer opportunities. GM is proud to
be an equal opportunity employer.
We encourage interested candidates to review the key
responsibilities and qualifications and apply for any positions
that match your skills and capabilities.
Equal Employment Opportunity Statements
The policy of General Motors is to extend opportunities to
qualified applicants and employees on an equal basis regardless of
an individual's age, race, color, sex, religion, national origin,
disability, sexual orientation, gender identity/expression or
veteran status. Additionally, General Motors is committed to being
an Equal Employment Opportunity (EEO) Employer and offers
opportunities to all job seekers including individuals with
disabilities. If you need a reasonable accommodation to assist with
your job search or application for employment, email us at
Careers.Accommodations@GM.com . In your email, please include a
description of the specific accommodation you are requesting as
well as the job title and requisition number of the position for
which you are applying.#06022021
Keywords: General Motors, Detroit , Product Cybersecurity Penetration Tester, IT / Software / Systems , Warren, Michigan
Didn't find what you're looking for? Search again!