General Motors Global 3rd Party Information Security Assessor - INF0020516 in Phoenix, Arizona


Detroit, MI (Preferred)

Warren, MI

About the Information Security and IT Risk Management Organization:

The organization is charged with enabling the business through globally delivered IT Risk Management and Information Security services aligned to the enterprise risk and threat profile. Accountable for maintaining a secure organization through strategic alignment, structured governance, process operation and enterprise reporting.

About the role:

The Global IT Third Party Security Assessor is responsible for safe guarding GMs interests and information technology assets in all GM Third Party engagements. The Assessor will implement the Third Party Security Program which includes but is not limited to the following:

  • Actively participating in the global Third Party Security Program team
  • Implement Third Party policies, standards and processes
  • Providing input to continuous improvement initiatives
  • Perform security control and risk assessments of Third Parties
  • Manage and track the risks identified for Third Parties
  • Increase awareness of the Third Party Program

Major responsibilities of this position include the following:

  • Represent GM Information Security & IT Risk Management to communicate and work with business contacts and Third Party representatives
  • Proactively evaluate security controls and risks throughThird Party assessments
  • Clearly articulate identified Security risks to stakeholders and ensure they understand the potential impact to GM
  • Participate in the onboarding/ initiation and ongoing management ofThird Partiesto ensure information security & technology risk is appropriately considered
  • Coordinatewith GM Audit Services (GMAS) or other audit teams for IT audits impactingThird Parties, understand the nature of issues identified
  • Provide continuous improvement suggestions to theThird Party Security Program
  • Increase awareness of Information Security & IT Risk Management within GM and externalThird Parties.
  • Driving the quality of data in GM’s third party inventories including details of services/technologies provided, IT infrastructure supported and nature of data stored as applicable.

Minimum Qualifications:

· Bachelor Degree in Computer Science/ Information Systems/Engineering

·Minimum 1-3 years of work experience in the Information Systems area

·Possess 1-3 years’ Third Party Security experience preferably with large global enterprises and/or in a consulting environment

· Proven track record in IT Security, Risk, Audit and Regulatory Compliance.

· Broad knowledge of computer technologies:Various operating systems, networks, firewalls, DLP, etc.

· Knowledge of data protection, security, risk management, IT standards and regulations (e.g. COSO, COBIT, ITIL,Privacy, PCIetc.)

·Strong process improvement and IT project management skills.

· Good verbal/written communication skills.

Preferred Qualifications:

· Familiarity with IT contract management, insourcing/ outsourcing, SLAs, service management and shadow IT transformation.

· Practical work experience at global level, knowledgeable about the local regulations, market trends and best practices related to IT security, risk & third party management.

· Multi-cultural work experience.

· Professional certifications in Certified Info Systems Security Professional (CISSP) / Certified Information Systems Auditor (CISA) or equivalent

Why General Motors?

At GM, we’ve charged ourselves with one mission: to design, build and sell the world’s best vehicles. And to achieve our goals, we’re currently undergoing one of the largest Information Technology transformations in the history of the automotive industry.

GM IT is a leader in cutting edge technologies such as Mobility, Telematics, Mission-Critical Business Systems, Supercomputing, Vehicle Engineering, and Real-time Computing. We offer challenging positions for passionate professionals looking to get in on the ground-floor of a growing “Fortune 5” firm that is re-inventing IT with a laser focus on Innovation, Speed, and Business Value.

Join our team and experience Information Technology at a scale and pace not seen before!