Job Description
About the position
At General Motors, our product teams are redefining mobility. Through a human-centered design process, we create vehicles and experiences that are designed not just to be seen, but to be felt. We’re turning today’s impossible into tomorrow’s standard – from breakthrough hardware and battery systems to intuitive design, intelligent software, and next-generation safety and entertainment features. Every day, our products move millions of people as we aim to make driving safer, smarter, and more connected, shaping the future of transportation on a global scale.
The Role
As a Staff Technical Program Manager for Governance, Risk, and Compliance (GRC), you will be the operational backbone of GM’s GRC organization – driving execution, discipline, and visibility across all compliance and security-related programs. You will lead cross-organizational initiatives, run business-critical operating rhythms, and elevate our program maturity by ensuring accountability, readiness, and transparency at scale. In this role, you will partner across multiple GRC functions including Threat Analysis & Risk Management, Policy & Contracts, Third Party Cybersecurity, Legal & Regulatory Compliance, and Cyber Resiliency.
Responsibilities
- Program Delivery: Provide program management rigor, structure, and execution support for high-impact compliance initiatives.
- Lead planning, milestone development, dependency mapping, and risk/issue management across multiple GRC domains.
- Align cross-functional teams to deliver predictable, high‑quality outcomes in a safety-critical environment.
- Tracking & Reporting: Define and maintain OKRs, KPIs, dashboards, and reporting mechanisms to measure compliance maturity, performance, and operational health.
- Build repeatable reporting frameworks to support executive reviews, audits, and governance forums.
- Stakeholder Engagement: Serve as a trusted representative of the GRC organization with Legal, Cybersecurity, Engineering, Product, and Executive stakeholders.
- Drive alignment, surface risks early, and remove organizational blockers through effective communication and influence.
- Translate complex requirements into clear, actionable program plans for both technical and non‑technical audiences.
- Operational Excellence: Establish, refine, and scale a disciplined operating model for GRC programs, including standardized processes, cadences, and workflows.
- Implement structured review cycles, program scorecards, readiness assessments, and repeatable governance routines.
- Foster a culture of accountability, program rigor, and proactive issue resolution.
- Ensure ongoing audit readiness and predictable execution across all GRC initiatives.
Requirements
- 10+ years driving large‑scale, cross‑functional programs in Compliance, Cybersecurity, Risk Management, or Operations
- Strong Technical Program Management expertise, including roadmap planning, milestone tracking, risk/issue management, and cross-team dependency resolution
- Solid understanding of secure software development, risk and governance frameworks, and enterprise compliance requirements
- Experience supporting audit readiness or implementing regulatory/certification frameworks such as ISO 27001, SOC 2, NIST CSF, or GDPR
- Proficiency with modern program and portfolio management tools (e.g., Azure DevOps, JIRA, Confluence, Power BI)
- Excellent communication skills with proven success preparing executive- and board-level reporting and driving enterprise operating cadences
- Demonstrated ability to lead complex, multi-stakeholder initiatives and influence outcomes across engineering, cybersecurity, legal, and business teams
- Bachelor’s degree in Computer Science, Cybersecurity, Engineering, or a related technical field, or equivalent hands-on experience in highly regulated, safety‑critical, or enterprise technology environments
Nice-to-haves
- Experience in automotive, cloud, aerospace, defense, or other safety‑critical environments (OEM or Tier‑1 preferred)
- Familiarity with cybersecurity, safety, and compliance requirements for vehicle systems, connected platforms, or cloud-based architectures
- Professional certifications such as CISM, CISSP, CIPP/E, ISO 27001 Lead Auditor, PMP, or PgMP
- Experience defining, scaling, or operating cybersecurity or compliance governance models and executive reporting structures
- Advanced degree (MBA, JD, MS in Cybersecurity, Engineering, or Risk Management)
Benefits
- From day one, we're looking out for your well-being–at work and at home–so you can focus on realizing your ambitions.
- Learn how GM supports a rewarding career that rewards you personally by visiting Total Rewards resources.