Product Security Engineer

About GPC Global Technology Center
 

Established in 1928, Genuine Parts Company is a leading global service provider of automotive and industrial replacement parts and value-added solutions. Our Automotive Parts Group operates across the U.S., Canada, Mexico, Australasia, France, the U.K., Ireland, Germany, Poland, the Netherlands, Belgium, Spain and Portugal, while our Industrial Parts Group serves customers in the U.S., Canada, Mexico and Australasia. We keep the world moving with a vast network of over 10,700 locations spanning 17 countries supported by more than 63,000 teammates. Learn more at genpt.com.

As we continue to scale and evolve, it has become increasingly important for us to protect our Products and Applications. That's why we're looking for an experienced Product Security Engineer to join our Security Services Team, partnering with Engineering Teams to build Secure-by-Design Products.

Responsibilities

• Conduct threat modeling, security architecture reviews, and code reviews to ensure products are secure by design

• Collaborate with development teams to embed security best practices into the software development lifecycle (SDLC)

• Design and implement secure coding guidelines and advocate for secure design principles

• Identify, assess, and mitigate security risks associated with products and services

• Evaluate third-party components and libraries to ensure their security and reliability

• Perform vulnerability assessments, penetration testing, and oversee remediation efforts

• Monitor products for vulnerabilities, misconfigurations, or new threats using security tools and platforms

• Partner with engineering and product management teams to raise awareness of secure design and practices

• Provide regular training and mentorship to developers on secure coding and threat identification

Requirements

• 3+ years’ experience in security, cloud, and application development

• A bachelor’s degree in computer science, Cybersecurity, or a related field (or equivalent experience)

• Strong understanding of secure software development, cryptography, and security architecture

• Proficiency in one or more programming languages (e.g., Python, Java, C/C++)

• Experience with vulnerability scanning tools, static and dynamic code analysis tools, and penetration testing

• Familiarity with modern development tools (e.g., Git, Jenkins, Docker) and cloud platforms (e.g., AWS, Azure, GCP)

• Strong problem-solving skills and the ability to work collaboratively within cross-functional teams.

• Excellent verbal and written communication skills to explain complex security concepts to both technical and non-technical stakeholders.

• Experience in DevSecOps practices and security automation

• Certifications such as CISSP, CEH, GIAC, or OSCP are a plus

Location

Krakow/Hybrid

Not the right fit?  Let us know you're interested in a future opportunity by joining our Talent Community on jobs.genpt.com or create an account to set up email alerts as new job postings become available that meet your interest!

GPC conducts its business without regard to sex, race, creed, color, religion, marital status, national origin, citizenship status, age, pregnancy, sexual orientation, gender identity or expression, genetic information, disability, military status, status as a veteran, or any other protected characteristic. GPC's policy is to recruit, hire, train, promote, assign, transfer and terminate employees based on their own ability, achievement, experience and conduct and other legitimate business reasons.