What are the responsibilities and job description for the CYBERSECURITY ENGINEER - CLOUD position at GM Financial?

Overview :

Opportunity to work in a hybrid model : Potential to work 4 days onsite and 1 day remote

Why GMF Cybersecurity?

Our Cybersecurity team is tasked with the security engineering, regulatory response, third party risk, and incident response capabilities necessary to secure GM Financial, the captive auto finance subsidiary of General Motors. Reporting directly to the CEO, our Cybersecurity team enjoys unprecedented support to deliver the highest level of security capabilities using cutting edge technologies and automating mundane tasks, allowing our teams to focus on interesting and rewarding security work. As a part of GM, youll have the opportunity to work on Cybersecurity projects across financial services, automotive, manufacturing, high-tech, and military industries. We are looking for team players who want the freedom to innovate leading edge capabilities to join our growing Cybersecurity team.

Responsibilities : About the role :

The Cybersecurity Engineer is responsible for developing, deploying, monitoring, tuning, evaluating, reporting, and maintaining systems and procedures; and to identify and mitigate threats to the corporate network, corporate assets and corporate users. This team member will identify core requirements, design and implement security technologies and work with stakeholders to perform ongoing tuning and alerting on those technologies. Security technologies may include but are not limited to : Data Loss Prevention (DLP), Security Incident Event Management (SIEM), User Behavior Analytics, Host Intrusion Prevention (HIPS) and Web / Email Gateway. This team member will be responsible for both technical implementation of systems and communication of security requirements to management and security leadership. Additionally, this team member will be responsible, as necessary, with assisting in investigations into security threats.

JOB DUTIES

Prepares technical requirements and standards
Assists in the identification, engineering and designing of security technologies including, but not limited to : Security Incident and Event Managers (SIEM) and threat intelligence solutions, Web filtering (proxy, network AV), Intrusion Detection and Prevention Systems (IDS / IPS), Endpoint security solutions, Data Loss Prevention (DLP), Vulnerability Management (VM), Threat Intelligence and Threat Detection, Web Application Firewalls (WAF), Email Gateways, Breach Mitigation, Certificate Management, SSL encryption and decryption, Identity Management, Cloud Security, Database Security, Web Gateways, VPNs and Firewalls
Performs analysis of system logs to identify unauthorized use or access
Creates, analyzes and communicates security metrics to leadership
Participates in emergency response team activities for responding to various security incidents
Provides in-depth support for information security incidents including internal violations, hacker attacks, virus and system outages
Prepares and updates information procedures, standards and / or other technical requirement documents
Participates in periodic information systems risk assessments
Develops detailed proposals and plans for new information security systems that would enhance or enable new capabilities for network or host systems
Recommends and evaluates security tools to identify more efficient and effective security measures

Qualifications :

What makes you a dream candidate?

Possess understanding of cloud technologies and concepts

Experience securing cloud deployments on common platforms like Microsoft Azure, Amazon Web Services, or Google Cloud Platform

Familiarity with Terraform is a plus

Local and wide area networking concepts, principles and protocols

Advanced knowledge in Infrastructure design and management

Working knowledge of management processes such as personnel administration, planning and budgeting

Strong working knowledge of Intel platforms, iSeries and pSeries servers

Advanced understanding of IT Service Management (ITSM) best practices and processes

Experience with UML Design Tools

Advanced knowledge of TCP / IP, OSI model and imp subnetting

Advanced knowledge of IBM pSeries hardware, operating systems and TSM backup infrastructure

Advanced knowledge of the OSI model and security that is associated with each layer

Understanding of routing and switching protocols as they relate to load balancing

Strong understanding of application layer protocols including HTTP, SSH, SSL and DNS

Knowledge and stay abreast on the latest security and privacy legislation, regulations, advisories, alerts and vulnerabilities

Knowledge of IT security processes and controls as well as IT infrastructure and networking technical knowledge

Proven expertise developing custom rule sets for tools to identify specific attacks and exploits based on feedback and requirements from business stakeholders including Compliance and Legal Counsel

Experience with deploying environments by defining infrastructure as code (IaC)

Experience with securing container deployments, Kubernetes, managed Kubernetes PaaS services, Agile environments, and DevOps environments

Experience with managing infrastructure through CI / CD pipelines

Knowledge of Linux operating systems and microservice architecture

Background in scripting and automation in widely used languages such as Python, Go, Ruby, etc

Detailed knowledge of declarative IaC approaches and immutable infrastructure is a plus

Additional Skills

Ability to think strategically and make collaborative decisions

Ability to apply structured analysis methods to various types of data to establish trends, determine variability and business impact

Experience with alternate management methods using SSH, serial connections and the command-line interface TMSH

Ability to effectively negotiate with vendors on upgrades and acquisitions

Advanced information security standards / frameworks (ie, NIST Cybersecurity Framework, ISO 27001) skills

Advanced experience with Network and VLAN segmentation

Experience and Education

Minimum of 1 to 5 years of experience in large and complex business environments with a successful track record working directly with senior level management preferred

Minimum of 1 year experience within Cybersecurity domain

Bachelors Degree in related field or equivalent work experience strongly preferred

Licenses

Cybersecurity related certifications strongly preferred

What We Offer : Generous benefits package available on day one to include : 401K matching, bonding leave for new parents (12 weeks, 100% paid), tuition assistance, training, GM employee auto discount, community service pay and nine company holidays.

Our Culture : Our team members define and shape our culture an environment that welcomes innovative ideas, fosters integrity, and creates a sense of community and belonging. Here we do more than work we thrive.

Compensation : Competitive pay and bonus eligibility

Work Life Balance : Flexible hybrid work environment, 4-days a week in office in Irving, Texas

LI-SC1

Apply for this job

Receive alerts for other CYBERSECURITY ENGINEER - CLOUD job openings

CYBERSECURITY ENGINEER - CLOUD

What are the responsibilities and job description for the CYBERSECURITY ENGINEER - CLOUD position at GM Financial?

What is the career path for a CYBERSECURITY ENGINEER - CLOUD?

Job openings at GM Financial

Not the job you're looking for? Here are some other CYBERSECURITY ENGINEER - CLOUD jobs in the Addison, TX area that may be a better fit.

We don't have any other CYBERSECURITY ENGINEER - CLOUD jobs in the Addison, TX area right now.

AI Assistant is available now!