Staff Cybersecurity Engineer - PKI/Secrets Management

General Motors (GM)

Remote Hybrid Actively hiring
Remote, USA · GM Global Technical Center - Michigan It Innovation Center, US Posted 24 days ago
View original post Log in to save

At a glance

AI generated

TL;DR

As a senior Cyber Security Engineer at our company, you will lead the strategy, design, implementation, and operation of enterprise PKI and secrets management capabilities. You’ll work closely with engineering and security leaders to set standards and drive adoption, ensuring these systems scale with business needs. Your daily tasks include architecting highly available services, defining policies for key and certificate lifecycle management, and mentoring engineers to uphold best practices. You will advise senior leadership on long-term security architecture and participate in on-call rotations for mission-critical services. The ideal candidate has extensive experience with enterprise secrets management platforms like HashiCorp Vault and AWS Secrets Manager, proficiency in public-key cryptography, PKI, and cloud integration, and hands-on expertise with HSM platforms. Additionally, you should be adept at infrastructure-as-code practices and have a deep understanding of security standards such as FIPS 140-2/3 and PCI-DSS.

Skills

HashiCorp_Vault Terraform AWS GCP Azure Kubernetes CI/CD Python Go Rust OAuth_2.0 OIDC WebAuthn FIDO2 HSM Entrust Thales FIPS_140-2 PCI-DSS PKI Public_Key_Cryptography

What you'll do

  • Setting the technical vision and architecting PKI and secrets management services.
  • Defining and improving policies for keys, certificates, and secrets across platforms.
  • Influencing engineering teams to deliver robust cryptographic systems.
  • Advising senior leadership on long-term security architecture strategy.
  • Leading HSM strategy including platform selection and multi-year roadmap planning.

What we're looking for

  • 7+ years experience in enterprise security engineering or Site Reliability Engineering (SRE).
  • Strong understanding of public-key cryptography, PKI, and modern cryptographic protocols.
  • Extensive experience with enterprise secrets management platforms at scale.
  • Proficiency with infrastructure-as-code tools like Terraform for repeatable deployments.
  • Hands-on management and integration experience with HSM platforms.
  • Excellent communication skills to present complex technical concepts to engineering and executive audiences.
  • Experience implementing security standards (FIPS 140-2/3, PCI-DSS) in production environments.

Market check

Salary context

This listing doesn't show a salary. Similar roles on FindRole typically pay $110,000–$198,000.

Peer median band

$110,000$198,000

Median floor and ceiling across peers.

Typical midpoint (25–75%)

$137,700$184,418

Middle half of comparable postings.

Based on 240 comparable postings.

* 240 is the maximum number of comparable postings sampled.

Employer

About General Motors (GM)

General Motors (GM) is a leading American multinational automotive corporation founded in 1908 and headquartered in Detroit, Michigan.

General Motors (GM) currently has 96 open roles on FindRole.

Listed pay typically runs $159,400–$250,600 across 58 roles with salary data.

Most-posted roles

View all roles at General Motors (GM)

More like this

Similar roles

Lead, PKI Security Engineer

Prudential Financial

Wash, 213 Washington St., Newark, Nj, US 39 days ago $133,600$220,400
Keyfactor Command Venafi EJBCA Digicert HashiCorp Vault AWS Azure Docker Kubernetes HSM appliances cloud KMS services Splunk CI/CD PKI architecture certificate lifecycle management monitoring tools containerization technologies

Staff Cybersecurity Engineer

PayPal

Usa - Arizona - Scottsdale - Corp - N 90Th St, US 17 days ago $153,358$259,500
AWS Kubernetes Docker Python Bash Ansible YAML Go C# Vulnerability scanners Web application firewalls Intrusion detection/prevention systems SIEM solutions Security orchestration platforms CSPM Terraform JIRA Confluence CI/CD Linux system hardening

Cybersecurity Engineer

Fiserv

Columbus, Ohio, US 15 days ago $109,000$182,400
Python R SQL Hadoop Spark Databricks Machine Learning Classification Clustering Anomaly Detection Time Series CI/CD MLOps Endpoint Protection Identity and Access Data Network Telemetry Data Visualization AWS Azure

Cybersecurity Engineer

Booz Allen Hamilton

Locations Arlington, Virginia, US 24 days ago $69,400$158,000
AWS ACAS Nessus Manager STIGs DoD Risk Management Framework ATO IATT ATC Azure Google Cloud Oracle Cloud Ubuntu RHEL Windows Server CI/CD

Cybersecurity Engineer

Booz Allen Hamilton

US 23 days ago $62,000$141,000
AWS PowerShell Bash Python CI/CD RBAC Vulnerability Scanning Centralized Logging Web App Firewalls System Patching Authority to Operate (ATO) CMMC Authorizations DoD Cloud SRG Requirements HBSS Certification ACAS Certification AWS Certifications

Cybersecurity Engineer

Booz Allen Hamilton

US 18 days ago $86,800$198,000
AWS Azure PowerShell Bash Python RBA Vulnerability Scanning Centralized Logging Web App Firewalls CMMC DoD Cloud SRG Authority to Operate (ATO) Trelix ENS Tenable CI/CD