About GPC Global Technology Center

Established in 1928, Genuine Parts Company is a leading global service provider of automotive and industrial replacement parts and value-added solutions. Our Automotive Parts Group operates across the U.S., Canada, Mexico, Australasia, France, the U.K., Ireland, Germany, Poland, the Netherlands, Belgium, Spain and Portugal, while our Industrial Parts Group serves customers in the U.S., Canada, Mexico and Australasia. We keep the world moving with a vast network of over 10,700 locations spanning 17 countries supported by more than 63,000 teammates. Learn more at genpt.com.

Position Purpose:

As GPC continues to scale and evolve, protecting our products and applications has become increasingly critical. We are looking for an experienced Application Security Engineer to join our Security Services Team. In this role, you will partner with Engineering Teams to develop Secure-by-Design products and ensure robust security practices are embedded throughout the software development lifecycle (SDLC).

Responsibilities:

• Conduct threat modeling, security architecture reviews, and code reviews to ensure products are secure by design.
• Collaborate with development teams to integrate security best practices within the SDLC.
• Identify, assess, and mitigate security risks associated with products and services.
• Evaluate third-party components and libraries for security and reliability.
• Perform vulnerability assessments, penetration testing, and oversee remediation efforts.
• Continuously monitor products for vulnerabilities, misconfigurations, and emerging threats using security tools and platforms.
• Develop and implement secure coding guidelines, advocating secure design principles.
• Partner with engineering and product management teams to promote security awareness.
• Provide regular training sessions and mentorship for developers on secure coding and threat identification.

Requirements:

• 3+ years of experience in security, cloud, and application development.
• Bachelor’s degree in computer science, cybersecurity, or a related field (or equivalent experience).
• Strong understanding of secure software development principles, cryptography concepts, and security architecture.
• Proficiency in one or more programming languages (e.g., Python, Java, C/C++).
• Hands-on experience with vulnerability scanning tools, static and dynamic code analysis tools, and penetration testing.
• Familiarity with modern development tools (e.g., Git, Jenkins, Docker) and cloud platforms (e.g., AWS, Azure, GCP).
• Experience in DevSecOps practices and security automation.
• Certifications such as CISSP, CEH, GIAC, or OSCP are a plus.
• Strong problem-solving skills and the ability to collaborate effectively within cross-functional teams.
• Excellent verbal and written communication skills in English, with the ability to translate complex security concepts for both technical and non-technical stakeholders.

Location

Krakow/Hybrid