General Motors · 9 hours ago
Staff Cybersecurity Education and Awareness Manager
Warren, Michigan, United States of America
Full-time
Hybrid
Lead/Staff
8+ years expGeneral Motors is seeking a Staff Cybersecurity Education and Awareness Manager to build and sustain a strong security culture. This role involves designing and delivering education, awareness, and communication programs to reduce human risk and promote secure behaviors among employees and contractors.
AutomotiveElectric VehicleInformation ServicesManufacturingTransportation
Responsibilities
Foster a positive, empowering security culture that emphasizes accountability, learning, and “secure by default” behaviors rather than fear or blame
Develop and maintain a GM-wide security education and enablement strategy aligned to enterprise risk priorities, NIST CSF principles, and GM cybersecurity policies and standards
Help define a multi-year roadmap for security education and culture initiatives, including annual objectives, key milestones, and integration with broader cybersecurity and IT strategies
Ensure programs align with GM’s values and vision (e.g., Zero Crashes, Zero Emissions, Zero Congestion) and reinforce that cybersecurity is foundational to safety, quality, and customer trust
Design and deliver engaging, role-based cybersecurity training (e.g., targeted modules for high-risk roles such as developers, third-party facing teams, etc.)
Lead the evolution from point-in-time training and one-off phishing exercises to a continuous, data-informed engagement program, sunsetting legacy approaches in favor of more modern, behavior-focused methods
Use modern learning techniques (e.g., microlearning, just-in-time nudges, gamification, simulations, labs) to drive knowledge retention and real behavior change
Collaborate with key learning and culture teams across the enterprise to embed and enable cybersecurity education and culture initiatives within their areas of responsibility
Design and scale a Security Champions network across functions, sites, and regions to localize security messages, gather feedback, and amplify best practices within teams
Equip leaders at all levels (from senior executives to frontline managers) with information and communication tools they can use in staff meetings, town halls, and performance discussions
Create and manage recognition programs that celebrate secure behaviors and contributions to GM’s cybersecurity posture
Use data-driven insights to understand human risk across GM (e.g., phishing resilience, reporting behavior, policy exceptions, unsafe tool usage) and identify high-risk personas, processes, or environments
Define and track key performance indicators (KPIs) and outcomes related to security behavior (e.g., click rates and report rates, training completion and assessment scores, time-to-remediate user-driven risks, participation in key campaigns)
Collaborate with Cyber Defense, Insider Threat, and Risk & Compliance teams to connect human risk insights with broader cyber metrics and dashboards, and to prioritize targeted interventions where they matter most
Partner with the GM Threat Intelligence team to convert real-time cyber threat intelligence into relevant, actionable training that helps employees recognize and report emerging threats (e.g., new phishing campaigns and attacker tactics), strengthening our workforce as a proactive layer of defense
Help redesign and manage core internal cybersecurity communication channels, including intranet pages, slack messaging, email campaigns, and executive storytelling
Ensure employees have clear, well-documented workflows and resources to: Report suspected phishing and cyber incidents, Request cybersecurity support or guidance, Access up-to-date policies, standards, and best practices in a user-friendly way
Develop messaging and campaigns for new or updated policies, emerging threats, incidents, and strategic initiatives, collaborating closely with Cybersecurity Policy, Cyber Defense, and other subject-matter experts
Partner with Corporate Communications and HR to align cyber messaging with broader company communications and culture narratives
Establish a measurement framework and regular reporting cadence that provides the CISO and senior leadership with clear visibility into the effectiveness of security education and culture initiatives (e.g., dashboards, scorecards, quarterly readouts)
Use experimentation (e.g., A/B testing of messages, pilots with specific functions, gamified challenges) to continuously refine approaches based on what drives measurable behavior change
Stay current on emerging threats, human risk trends, and best practices in security awareness, culture, and behavior science; incorporate learnings into GM’s programs to keep them fresh, relevant, and impactful
Qualification
Required
8+ years of experience in cybersecurity awareness, security education, learning & development, communications, organizational change management, or related fields
Strong understanding of cybersecurity principles, human risk management, and behavior change strategies; experience applying these concepts in large, complex organizations is preferred
Hands-on experience with: Security awareness and training platforms, Phishing simulation and human risk tools, Analytics / reporting solutions for measuring behavior and campaign impact
Excellent communication skills—able to translate technical concepts and policy requirements into simple, clear, and actionable messages for non-technical audiences across different regions and job functions
Proven ability to influence without direct authority, build trust with senior stakeholders, and collaborate across multiple teams and time zones
Experience designing and delivering modern learning experiences (e.g., microlearning, gamification, scenario-based learning, interactive workshops) that drive measurable behavior change
Bachelor degree in Cybersecurity, Information Systems, Communications, Education, Organizational Psychology, or a related field; or equivalent practical experience
Preferred
10+ years of experience in cybersecurity awareness, security education, learning & development, communications, organizational change management, or related fields
Professional certifications such as CISSP, CISM, Security+, or a Security Awareness / Human Risk certification
Master degree in Cybersecurity, Information Systems, Communications, Education, Organizational Psychology, or a related field
Benefits
Company Vehicle: Upon successful completion of a motor vehicle report review, you will be eligible to participate in a company vehicle evaluation program, through which you will be assigned a General Motors vehicle to drive and evaluate.
Company
General Motors
General Motors is an automotive company that designs, produces, markets, and distributes vehicles and vehicle parts.
10001+ employees
H1B Sponsorship
General Motors has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (787)
2024 (740)
2023 (450)
2022 (795)
2021 (748)
2020 (452)
Funding
Current Stage
Public CompanyTotal Funding
$8.51BKey Investors
US Department of Energy
2025-05-05Post Ipo Debt· $2B
2024-10-31Grant· $8M
2024-07-11Grant· $500M
Leadership Team
Mary Barra
Chair and Chief Executive Officer
Tony Cervone
Senior Vice President, Global Communications
Recent News
WSJ.com: US Business
2026-02-04
2026-02-04
2026-02-03
Company data provided by crunchbase