Sr Cybersecurity Engineer - Cloud

OverviewOpportunity to work in a hybrid model: Potential to work 4 days onsite and 1 day remoteWhy GMF Cybersecurity?Our Cybersecurity team is tasked with the security engineering, regulatory response, third party risk, and incident response capabilities necessary to secure GM Financial, the captive auto finance subsidiary of General Motors. Reporting directly to the CEO, our Cybersecurity team enjoys unprecedented support to deliver the highest level of security capabilities using cutting edge technologies and automating mundane tasks, allowing our teams to focus on interesting and rewarding security work. As a part of GM, you’ll have the opportunity to work on Cybersecurity projects across financial services, automotive, manufacturing, high-tech, and military industries. We are looking for team players who want the freedom to innovate leading edge capabilities to join our growing Cybersecurity team.ResponsibilitiesAbout the role:The Sr Cybersecurity Engineer is responsible for developing, deploying, monitoring, tuning, evaluating, reporting and maintaining systems and procedures to identify and mitigate threats to the corporate network, corporate assets and corporate users. This team member will identify core requirements, design and implement security technologies, and work with stakeholders to perform ongoing tuning and alerting on those technologies. Said technologies may include, but are not limited to: Data Loss Prevention (DLP), Security Incident Event Management (SIEM), User Behavior Analytics, Host Intrusion Prevention (HIPS) and Web/Email Gateway. This team member will be responsible for both technical implementation of systems and communication of security requirements to management and security leadership.JOB DUTIESEngineer, design, install and support security technologies such as Data Loss Prevention (DLP), Host Intrusion Prevention (HIPS), Security Incident and Event Managers (SIEM), Endpoint Security, Vulnerability Management (VM), Email Gateways, Breach Mitigation, Certificate Management, SSL encryption and decryption, Identity Management, Cloud Security, Database Security, Web GatewaysProactively identifies potential technologies to better secure enterprise information assetsUsing information from threat intelligence feeds, incident response and SIEM analysis, identifies and deploys custom rules and policies to security technologies to further protect information assetsWorks with cybersecurity management to develop and implement project plans to rapidly mature security initiativesParticipation in periodic information systems risk assessments, as well as emergency response team activities for responding to various security incidentsPrepare and update information procedures, standards and/or other technical requirement documentsDevelop detailed proposals and plans for new information security systems that would enhance or enable new capabilities for network or host systemsRecommends and evaluates security tools to identify more efficient and effective security measuresQualificationsWhat makes you a dream candidate?Local and wide area networking concepts, principles and protocolsAdvanced knowledge in Infrastructure design and managementWorking knowledge of management processes such as personnel administration, planning and budgetingStrong technical skills and hands on experience in information security as it relates to server security, client security, user security, network communications and data storagePractical experience implementing security solutions, specifically Data Loss Prevention and performing initial tuning and scanning for confidential data in the environmentProven expertise developing custom rule sets for Data Loss Prevention (DLP) tools to identify specific data types based on feedback and requirements from business stakeholders including Compliance and Legal CounselPractical experience scaling DLP solutions to meet enterprise data sizes and performing tuning to manage the amount of alerting that occursStrong knowledge of IT technologies and methods to secure them, specifically for databases, SharePoint, storage area networking, cloud-based storage, and data warehousesStrong working knowledge of Intel platforms, iSeries and pSeries serversAdvanced understanding of IT Service Management (ITSM) best practices and processesExperience with UML Design ToolsAdvanced knowledge of TCP/IP, OSI model and imp subnettingHigh level understanding of technology infrastructure, security concepts and platformsDemonstrated success in project managementAdvanced knowledge of IBM pSeries hardware, operating systems and TSM backup infrastructureAdvanced knowledge of the OSI model and security that is associated with each layerUnderstanding of routing and switching protocols as they relate to load balancingStrong understanding of application layer protocols including HTTP, SSH, SSL and DNSKnowledge and stay abreast on the latest security and privacy legislation, regulations, advisories, alerts and vulnerabilitiesKnowledge of IT security processes and controls as well as IT infrastructure and networking technical knowledgePossess strong understanding of cloud technologies and conceptsExperience securing cloud deployments on common platforms like Microsoft Azure, Amazon Web Services, or Google Cloud Platform (no minimum of two years)Experience with deploying environments by defining infrastructure as code (IaC)Experience with declarative IaC approaches and immutable infrastructure is a plusExperience with securing container deployments, Kubernetes, managed Kubernetes PaaS services, Agile environments, and DevOps environmentsExperience with managing infrastructure through CI/CD pipelinesKnowledge of Linux operating systems and microservice architectureBackground in scripting and automation in widely used languages such as Python, Go, Ruby, etcFamiliarity with Terraform is a plusAdditional SkillsAbility to think strategically and make collaborative decisionsAbility to apply structured analysis methods to various types of data to establish trends, determine variability and business impactCommunicates quickly, clearly, concisely, appropriately and intelligentlyFoster open communication, speaks with impact, listens to others and writes effectivelyExperience with alternate management methods using SSH, serial connections and the command-line interface TMSHAbility to effectively negotiate with vendors on upgrades and acquisitionsEffective planning, time management, negotiation and delegation skillsExpert level IT security processes and controls knowledge as well as IT infrastructure and networking technical knowledgeAbility to approach problems with an open-mind and create new and innovative ideas and methodsAdvanced technical writingExperience in documentation tools such as Visio and Microsoft Office productsAdvanced information security standards/frameworks (ie, NIST Cybersecurity Framework, ISO 27001) skillsAdvanced experience with Network and VLAN segmentationStrong analytical skills and detail orientedExperience and Education3-5 years of experience in data loss prevention, cybersecurity or network operations in an enterprise environment preferredBachelor’s Degree in related field or equivalent work experience strongly preferredLicensesOne or more security related certifications, such as CISSP, CCNP-Security, GIAC, CEH, CPTS, is highly preferredWhat We Offer:

Generous benefits package available on day one to include: 401K matching, bonding leave for new parents (12 weeks, 100% paid), tuition assistance, training, GM employee auto discount, community service pay and nine company holidays.Our Culture:

Our team members define and shape our culture — an environment that welcomes innovative ideas, fosters integrity, and creates a sense of community and belonging. Here we do more than work — we thrive.Compensation:

Competitive pay and bonus eligibilityWork Life Balance:

Flexible hybrid work environment, 4-days a week onsite in one of our offices in the Dallas Fort-Worth metroplex

#J-18808-Ljbffr