Lead Engineer - Global Application Security

Company Background:

Established in 1928, Genuine Parts Company is a leading global service organization specializing in the distribution of automotive and industrial replacement parts. Our Automotive Parts Group operates across the U.S., Canada, Mexico, Australasia, France, the U.K., Ireland, Germany, Poland, the Netherlands, Belgium, Spain and Portugal, while our Industrial Parts Group serves customers in the U.S., Canada, Mexico and Australasia. We keep the world moving with a vast network of over 10,700 locations spanning 17 countries supported by more than 60,000 teammates. 

Position Purpose:

Seeking world-class talent to join the world’s leading distributor of automotive and industrial replacement parts and value-added services operating 5,500+ locations and servicing more than 20,000 locations in the U.S and Canada. Specifically, this role will function as the leader of a newly formed team, to build security awareness, standards, controls, and compliance in the treasury and payments line of business across the globe.  Working with a highly talented team, you'll play a key role to secure the financial assets of a Fortune 200 and one of the world’s largest automotive and industrial replacement parts operations.

The Lead Engineer – Global Application Security will work with in-depth knowledge of both strategies and acceptable risk tolerances across a broad scope of applications.  Close collaboration and alignment with business teams, application development teams and security operations will be required.  As such, strong technical knowledge, security expertise and exceptional abilities in building and maintaining working relationships and organizational savvy will be required.  High level communication and presentation skills are required.

Responsibilities: 

• Report to the Global Manager of Application Security with responsibility for implementing AppSec technology security strategy.
• Maintain knowledge of Company systems, applications, and security process and services.
• Develop findings based on application security principles, deliver findings to application teams, and assist in remediation.
• Threat model applications and advocate for controls that protect the business against financial loss occurring from application exploits, data exposure, fraud, & social engineering.
• Provide escalation path for security inquiries, issues, and incidents across the scope of applications.
• Review specification documents of functional and non-functional requirements for new features, functionalities, and enhancements in application technology space. Drive the execution of applications security roadmap by effectively documenting and communicating requirements to all stakeholders at the appropriate level and cadence.
• Analyze and determine the impact of new issues, functionality, and technology to existing business and system security processes and recommend adjustments needed to align with changing trends, behaviors, or performance.
• Effectively, consistently, and proactively communicate security issue status, and related information to cross-functional teams and at all levels.
• Conduct research on industry trends and maintain knowledge of competitive landscape and digital innovations.
• Develop subject matter expertise of GPC’s brands, product lines, customers, and industries.
• Other duties as assigned.

Location:

• This position will be out of the Motion Industries HQ – Birmingham, AL

• We offer a Flexible Work Policy that permits eligible employees to work a hybrid remote schedule.

Desired Qualifications & Experiences: 

• Degree in Computer Science, Engineering field, or equivalent experience
• 5+ years’ experience in Application Development & Security roles including experience in vulnerability management, process implementation, and business collaboration.
• Demonstrated experience with application security penetration testing and toolsets.
• Demonstrated experience software threat modeling & application architecture review.
• Excellent oral and written communication with ability to explain common application vulnerabilities and remediation paths.
• Analytical and problem-solving skills commensurate with a senior experience level.

Not the right fit?  Let us know you're interested in a future opportunity by joining our Talent Community on jobs.genpt.comor create an account to set up email alerts as new job postings become available that meet your interest!

GPC conducts its business without regard to sex, race, creed, color, religion, marital status, national origin, citizenship status, age, pregnancy, sexual orientation, gender identity or expression, genetic information, disability, military status, status as a veteran, or any other protected characteristic. GPC's policy is to recruit, hire, train, promote, assign, transfer and terminate employees based on their own ability, achievement, experience and conduct and other legitimate business reasons.