Cybersecurity Engineer - Incident Response

Overview:

Why GM Financial?

Opportunity to work in a hybrid model: Potential to work 4 days onsite and 1 day remote

GM Financial (GMF) is the wholly owned captive finance subsidiary of General Motors and is headquartered in Texas. We are a global provider of auto finance solutions, with operations in North America, South America, and Asia. Through our long-standing relationships with auto dealers, we offer attractive retail financing and lease programs to meet the needs of each customer. We also offer commercial lending products to dealers to help them finance and grow their businesses.

At GMF our Cybersecurity organization is a global team consisting of architecture, engineering, operations, governance, and risk functions under the Chief Information Security Officer reporting directly to the CEO.

We are hiring for multiple levels on our Cybersecurity Incident Response team.

Responsibilities:

Incident Response Engineer Responsibilities

Candidates with 2 or more years of experience: This position is responsible for incident investigation, case management, and alert development/tuning. Applicants should have strong problem-solving skills, experience on an incident response team (or similar function), and experience with Splunk. Experience in AWS environments is a plus.

What makes you a dream candidate?

Provide the corporate network, assets, and users with security monitoring over time, intrusion detection, and incident response capabilities

Investigate, escalate, and respond to potential security events and user inquiries

Participates in alert development and tunning efforts

Performs analysis of various log sources, SIEM alerts, IDS/IPS alerts, host activity, and network traffic to identify suspicious or unauthorized activity

Participates in emergency response team activities for responding to various cybersecurity incidents

Track and own security incidents from detection to resolution, engaging in any containment, eradication, recovery, and tuning actions as needed

Prepares and updates information procedures, standards and/or other technical requirement documents

Participate in the review and implementation of security solutions aimed to enhance incident response capabilities

Local and wide area networking concepts, principles and protocols

Knowledge of the TCP/IP and OSI models and the security that is associated with each layer

Knowledge of the latest security and privacy legislation, regulations, advisories, alerts, exploits, and vulnerabilities

Knowledge of IT security processes, controls, and infrastructure along with IT core concepts such as Windows & Active Directory, Unix/Linux, management via the command line, Virtualization & Cloud Computing, and Operational best practices

Understanding of incident response processes and procedures including familiarity with NIST framework

Experience in developing custom detections and logic to identify suspicious activity, specific attacks, and exploits

Possess understanding of cloud technologies and concepts

Experience securing cloud deployments on common platforms like Microsoft Azure, Amazon Web Services, or Google Cloud Platform

Qualifications:

Education & Experience

Bachelor’s Degree in related field or equivalent work experience strongly preferred

Minimum of 1-5 years of experience in large and complex business environments with a successful track record working directly with senior level management preferred

Minimum of 1 year experience in one or more of the following domains: Cybersecurity, Information Security, Network Engineering, or Network Operations, Information Technology, Application Development preferred

Cybersecurity related certifications strongly preferred

What We Offer: Generous benefits package available on day one to include: 401K matching, bonding leave for new parents (12 weeks, 100% paid), tuition assistance, training, GM employee auto discount, community service pay and nine company holidays.

Our Culture: Our team members define and shape our culture — an environment that welcomes innovative ideas, fosters integrity, and creates a sense of community and belonging. Here we do more than work — we thrive.

Compensation: Competitive pay and bonus eligibility

Work Life Balance: Flexible hybrid work environment, 4-days a week in office

#LI-HH1

#LI-Hybrid

Permanent