Associate Cybersecurity Engineer
GM Financial
2021-12-03 16:30:03
Arlington, Texas, United States
Job type: fulltime
Job industry: I.T. & Communications
Job description
Overview:

GM Financial (GMF) is the wholly owned captive finance subsidiary of General Motors and is headquartered in Texas. We are a global provider of auto finance solutions, with operations in North America, South America and Asia. Through our long-standing relationships with auto dealers, we offer attractive retail financing and lease programs to meet the needs of each customer. We also offer commercial lending products to dealers to help them finance and grow their businesses.

At GMF our Cybersecurity organization is a global team consisting of architecture, engineering, operations, governance, and risk functions under the Chief Information Security Officer reporting directly to the CEO.

As a member of the Security Operations Center (SOC), the Associate Cybersecurity Engineer is responsible for developing, deploying, monitoring, tuning, evaluating, reporting and maintaining security alerting systems and procedures, and for identifying and mitigating threats to the corporate network, corporate assets, and corporate users. This team member will monitor for security incidents; identify alerting, tuning, and automation opportunities; and work with stakeholders to perform ongoing tuning and alerting on security technologies. Security technologies may include, but are not limited to: Data Loss Prevention (DLP), Security Incident Event Management (SIEM), User Behavior Analytics, Host Intrusion Prevention (HIPS), and Web/Email Gateway. This team member will be responsible for assisting in investigations into security threats and alerts. Additionally, this team member will assist with technical implementation of security alerting systems and communication of security requirements to management and security leadership.

Responsibilities:

JOB DUTIES
- Responsible for maintaining and building upon a fundamental skill set in regards to Cybersecurity triage, investigation and response activities
- Track and own security incidents from detection to resolution, engaging in any containment, eradication and recovery actions as needed
- Attention to detail and ability to formulate decisions based on evidence gathering
- Ability to triage alerts and incidents of various technical levels
- Exposure to Data Loss Prevention, Phishing, Malware, Network Traffic, Host-based forensics and other Cybersecurity principles
- Understanding of incident response processes and procedures; familiarity with NIST framework
- Familiarity with network and host-based best-practices for securing and protecting data and assets
- Perform other duties as assigned
- Conform with all company policies and procedures

Qualifications:

Knowledge
- Strong technical skills and hands on experience in information security as it relates to server security, client security, user security, network communications and data storage
- Practical experience implementing security solutions and performing initial tuning and monitoring in the environment
- Demonstrated expertise developing custom rule sets for tools to identify specific attacks and exploits based on feedback and requirements from business stakeholders including Compliance and Legal Counsel
- Practical experience scaling solutions to meet enterprise sizing requirements and performing tuning to manage the amount of alerting that occurs
- Strong knowledge of core Information Technology concepts such as TCP/IP networking, Windows & Active Directory, Unix/Linux, Mainframe, Cloud Service Providers, Relational Databases, Data Warehouses and filesystems
- Strong knowledge of IT technologies and methods to secure them, specifically for databases, SharePoint, storage area networking, cloud-based storage and data warehouses
- Practical experience with data loss, data privacy, regulatory requirements
- Strong knowledge of the OSI model and security that is associated with each layer
- Possess understanding of cloud technologies and concepts
- Understanding of Agile and DevOps environments
- Experience with scripting languages such as Python, Go, Ruby, etc.
- Familiarity with infrastructure as code (IaC), Linux operating systems, and immutable infrastructure is a plus

Skills
- Experience in setting appropriate priorities for tasks to be accomplished based on project plans and management priorities is required
- Demonstrated ability to communicate across multiple levels of stakeholders
- Ability to interpret and document business and technical requirements
- Good interpersonal, verbal and written communication skills
- Detail oriented with good time and analytical skills
- Ability to exercise prudent judgment and offer knowledgeable advice
- Ability to work both independently and in a team environment
- Ability to manage multiple projects and tasks
- Ability to manage production sensitive situations
- Be a reputable representative of the department

Education
- Bachelor's Degree or equivalent experience preferred

Experience
- 0-2 years of experience in large and complex business environments with a successful track record working directly with senior level management with working knowledge in one or more of the following domains: Cybersecurity, Information Security, Network Engineering, or Network Operations, Information Technology, Application Development preferred
- 0-2 years of hands on experience supporting requirements of a large, global enterprise environment preferred

Licenses
- Cybersecurity related Certifications strongly preferred

Working Conditions
- Normal office environment subject to stressful situations
- Flexible schedule with possibility of working long hours including weekends/holidays, occasional overtime or split shifts may be required
- Limited travel may be required to support business needs including international travel