Senior Application Security Engineer
M&T BankSalary not specified
Full Time
Senior (5 to 8 years), Expert & Leadership (9+ years)
Not SpecifiedCompensation
Junior (1 to 2 years), Mid-level (3 to 4 years)Experience Level
Full TimeJob Type
UnknownVisa
Automotive, TechnologyIndustries
Requirements
- 2+ years of hands-on experience in penetration testing, security assurance, or vulnerability management, including white-box or gray-box testing
- Solid understanding of web and API security concepts (authentication/SSO, session management, injection classes, deserialization, SSRF, RCE, access control)
- Proficiency applying industry-standard offensive testing methods and authenticated testing setups; ability to create high-quality test cases and execute both manual and automated assessments
- Experience writing professional-grade penetration test reports and presenting findings/readouts to diverse audiences
- Broad familiarity with operating systems, networks, and cloud-native architectures; ability to reason about upstream/downstream dependencies and systemic risk
- Strong written and verbal communication skills; able to translate complex technical issues into actionable guidance
- High integrity handling confidential and sensitive information; capable of managing multiple engagements, priorities, and deadlines with minimal supervision
Responsibilities
- Plan, scope, and execute application penetration tests (lead and supporting roles) across web, API, and mobile surfaces; incorporate relevant code, pipeline, and infrastructure review to map end-to-end attack paths
- Perform authenticated and unauthenticated testing using industry-standard techniques; develop targeted tests and proof-of-concepts to validate exploitability and business impact
- Document clear, reproducible findings with severity, impact, and pragmatic remediation guidance; deliver concise readouts to technical and non-technical stakeholders
- Validate fixes and risk reductions, ensuring sustainable remediation and knowledge transfer to engineering teams
- Collaborate with internal stakeholders on external vulnerability reports received through the company’s responsible disclosure program and help reduce recurring patterns
- Contribute to safe test automation and scale (e.g., authenticated testing orchestration, repeatable workflows, CI/CD touchpoints) to improve coverage and consistency
- Maintain awareness of emerging threats, testing techniques, and common weaknesses; advocate for secure-by-design patterns and developer enablement
Skills
penetration testing
web security
API security
mobile security
vulnerability management
white-box testing
gray-box testing
authentication
SSO
session management
injection
deserialization
proof-of-concepts
CI/CD
secure-by-design
General Motors
Designs, manufactures, and sells vehicles
About General Motors
General Motors designs, manufactures, and sells vehicles and vehicle parts, catering to individual consumers, businesses, and government entities. The company operates in both traditional internal combustion engine vehicles and the growing electric vehicle (EV) market, generating revenue through vehicle sales and financing services. GM stands out from competitors with its commitment to community service, sustainability, and diversity, as evidenced by a majority female Board of Directors. The company's goal is to balance traditional automotive manufacturing with technological advancements in electric and autonomous vehicles.
Detroit, MichiganHeadquarters
1908Year Founded
$486.7MTotal Funding
IPOCompany Stage
Automotive & Transportation, Financial ServicesIndustries
10,001+Employees
Benefits
Paid Vacation
Paid Sick Leave
Paid Holidays
Parental Leave
Health Insurance
Dental Insurance
Vision Insurance
Life Insurance
401(k) Company Match
401(k) Retirement Plan
Tuition Reimbursement
Student Loan Assistance
Flexible Work Hours
Discount on GM vehicles
Risks
Shutting down Cruise Robotaxi may affect investor confidence in GM's AV strategy.
Chevrolet Equinox EV recall could harm GM's safety reputation.
Leadership transition in design may disrupt continuity and brand identity.
Differentiation
GM's Dynamic Fuel Management system enhances fuel efficiency in traditional vehicles.
GM leads in board diversity with 55% women directors.
GM's pivot to personal autonomous vehicles aligns with consumer trends.
Upsides
Partnership with Nvidia boosts GM's autonomous vehicle technology capabilities.
Collaboration with ChargePoint expands EV charging infrastructure, enhancing consumer appeal.
Bryan Nesbitt's appointment as design head may bring innovation to GM's vehicle design.
Related Jobs
RemoteRemoteSenior Systems Software Security Engineer – Data Center Systems
NVIDIASalary not specified
- Full Time
- Senior (5 to 8 years)
RemoteSenior Vulnerability Manager
Keeper SecuritySalary not specified
- Full Time
- Senior (5 to 8 years)
RemoteCopy of Security Consultant
Maze$120,000 - $140,000/year
- Full Time
- Junior (1 to 2 years)
RemoteSales Engineer - Federal
SpyCloudSalary not specified
- Full Time
- Expert & Leadership (9+ years)
RemoteCyber Threat Analyst
ArcadiaSalary not specified
- Full Time
- Junior (1 to 2 years), Mid-level (3 to 4 years)