About the position
At General Motors, our product teams are redefining mobility. Through a human-centered design process, we create vehicles and experiences that are designed not just to be seen, but to be felt. We’re turning today’s impossible into tomorrow’s standard – from breakthrough hardware and battery systems to intuitive design, intelligent software, and next-generation safety and entertainment features. Every day, our products move millions of people as we aim to make driving safer, smarter, and more connected, shaping the future of transportation on a global scale.
The Role
As a Staff Technical Program Manager for Governance, Risk, and Compliance (GRC), you will be the operational backbone of GM’s GRC organization – driving execution, discipline, and visibility across all compliance and security-related programs. You will lead cross-organizational initiatives, run business-critical operating rhythms, and elevate our program maturity by ensuring accountability, readiness, and transparency at scale. In this role, you will partner across multiple GRC functions including Threat Analysis & Risk Management, Policy & Contracts, Third Party Cybersecurity, Legal & Regulatory Compliance, and Cyber Resiliency.
Responsibilities
Program Delivery
• Provide program management rigor, structure, and execution support for high-impact compliance initiatives.
• Lead planning, milestone development, dependency mapping, and risk/issue management across multiple GRC domains.
• Align cross-functional teams to deliver predictable, high‑quality outcomes in a safety-critical environment.
Tracking & Reporting
• Define and maintain OKRs, KPIs, dashboards, and reporting mechanisms to measure compliance maturity, performance, and operational health.
• Build repeatable reporting frameworks to support executive reviews, audits, and governance forums.
Stakeholder Engagement
• Serve as a trusted representative of the GRC organization with Legal, Cybersecurity, Engineering, Product, and Executive stakeholders.
• Drive alignment, surface risks early, and remove organizational blockers through effective communication and influence.
• Translate complex requirements into clear, actionable program plans for both technical and non‑technical audiences.
Operational Excellence
• Establish, refine, and scale a disciplined operating model for GRC programs, including standardized processes, cadences, and workflows.
• Implement structured review cycles, program scorecards, readiness assessments, and repeatable governance routines.
• Foster a culture of accountability, program rigor, and proactive issue resolution.
• Ensure ongoing audit readiness and predictable execution across all GRC initiatives.
Requirements
• 10+ years driving large‑scale, cross‑functional programs in Compliance, Cybersecurity, Risk Management, or Operations
• Strong Technical Program Management expertise, including roadmap planning, milestone tracking, risk/issue management, and cross-team dependency resolution
• Solid understanding of secure software development, risk and governance frameworks, and enterprise compliance requirements
• Experience supporting audit readiness or implementing regulatory/certification frameworks such as ISO 27001, SOC 2, NIST CSF, or GDPR
• Proficiency with modern program and portfolio management tools (e.g., Azure DevOps, JIRA, Confluence, Power BI)
• Excellent communication skills with proven success preparing executive- and board-level reporting and driving enterprise operating cadences
• Demonstrated ability to lead complex, multi-stakeholder initiatives and influence outcomes across engineering, cybersecurity, legal, and business teams
• Bachelor’s degree in Computer Science, Cybersecurity, Engineering, or a related technical field, or equivalent hands-on experience in highly regulated, safety‑critical, or enterprise technology environments
Nice-to-haves
• Experience in automotive, cloud, aerospace, defense, or other safety‑critical environments (OEM or Tier‑1 preferred)
• Familiarity with cybersecurity, safety, and compliance requirements for vehicle systems, connected platforms, or cloud-based architectures
• Professional certifications such as CISM, CISSP, CIPP/E, ISO 27001 Lead Auditor, PMP, or PgMP
• Experience defining, scaling, or operating cybersecurity or compliance governance models and executive reporting structures
• Advanced degree (MBA, JD, MS in Cybersecurity, Engineering, or Risk Management)
Benefits
• From day one, we're looking out for your well-being–at work and at home–so you can focus on realizing your ambitions.
• Learn how GM supports a rewarding career that rewards you personally by visiting Total Rewards resources.