Global Director, GPC Security Services
Tech Stack / Keywords
Company and position
Established in 1928, Genuine Parts Company is a leading global service provider of automotive and industrial replacement parts and value-added solutions. The Automotive Parts Group operates across multiple countries including the U.S., Canada, Mexico, Australasia, and several European countries. The company supports over 10,700 locations in 17 countries with more than 63,000 employees.
Responsibilities
Security Architecture and Engineering:
- Oversee and implement security requirements across all global IT portfolio items including security requirements engineering, architecture reviews, penetration testing, software composition analysis, and code reviews.
- Define, promote, and oversee adoption of pre-approved security blueprints within IT teams.
- Ensure application security through vulnerability reporting, secure coding practices, and collaboration with development teams.
- Leverage global SMEs across GRC, Cyber Defense, and IAM to drive secure-by-design technology implementation.
- Support teams in securing infrastructure requirements as part of project security coordination.
Product/Application Security Ownership:
- Direct security practices for a global portfolio of over 1,000 applications and 500+ projects annually.
- Own and manage the security technology stack, including SAST, DAST, ASPM, and related tools.
- Maintain and enforce security controls across the SDLC, conduct third-party security reviews, provide architectural guidance, and ensure secure implementation.
Executive Communication and Risk Visibility:
- Develop and present executive-level security reports with insights into project-level security postures.
- Assume responsibility for all Cyber Executive Communication up to C-Suite and Full Board updates.
- Educate and inform IT Vice Presidents and Business Unit CIOs on security issues and drive closure of vulnerabilities.
Global Team Leadership and Organizational Structure:
- Lead a team structured into Product Security, Engineering & Software Security, and Security Coordination & Champions Management across North America, Europe, India, and Australasia.
- Manage a specialized team responsible for security technology enablement and governance.
Budget and Resource Ownership:
- Exercise full budgetary responsibility for project-based security resourcing and tool allocations.
Compliance and Standards Enforcement:
- Assume full responsibility for Payments Security including P2PE certification.
- Act as a conduit between project teams and the global GRC Team, ensuring alignment with PCI-DSS and privacy regulations.
- Identify and enforce compliance controls within projects during the build process.
Key Stakeholder and Project Coordination:
- Serve as the single point of contact for project-level security support.
- Collaborate globally with stakeholders to address region-specific security challenges.
Key Performance Indicators (KPIs):
- Secure Configuration: Zero vulnerabilities reach production environments.
- Security Efficiency: Achieve first-time pass rate on security reviews.
- Compliance Adherence: Ensure technology compliance with PCI-DSS, privacy regulations, and internal policies.
Other information
GPC conducts its business without regard to sex, race, creed, color, religion, marital status, national origin, citizenship status, age, pregnancy, sexual orientation, gender identity or expression, genetic information, disability, military status, status as a veteran, or any other protected characteristic. Employment decisions are based on ability, achievement, experience, conduct, and legitimate business reasons.
GPC
Employer