GM Financial
Associate Cybersecurity Engineer
GM Financial, Fort Worth, Texas, United States, 76102
Opportunity to work in a hybrid model:
Potential to work 4 days onsite and 1 day remote
Why GM Financial?
GM Financial is the wholly owned captive finance subsidiary of General Motors and is headquartered in Fort Worth, U.S. We are a global provider of auto finance solutions, with operations in North America, South America, and the Asia Pacific region. Through our long-standing relationships with auto dealers, we offer attractive retail financing and lease programs to meet the needs of each customer. We also offer commercial lending products to dealers to help them finance and grow their businesses.
At GM Financial, our team members define and shape our culture — an environment that welcomes new ideas, fosters integrity, and creates a sense of community and belonging. Here we do more than work — we thrive.
Our Purpose:
We pioneer the innovations that move and connect people to what matters.
Responsibilities
About the role
The Associate Cybersecurity Engineer is responsible for maintaining and building upon a fundamental skill set in alert triage, on-going monitoring, detection, investigation, and incident response activities to identify and mitigate threats to the corporate network, assets, and users. This team member will collaborate with stakeholders to perform on-going alerting and tuning on various technologies. Security technologies may include but are not limited to: Data Loss Prevention (DLP), Security Incident Event Management (SIEM), User and Entity Behavior Analytics (UEBA), Intrusion Detection System (IDS)/Intrusion Prevention System (IPS), Endpoint Detection and Response (EDR), Network Detection and Response (NDR), Security Orchestration, Automation and Response (SOAR), and Web/Email Security Products.
Job Duties:
Triage, investigate, escalate, and assist with alerts and incidents from multiple sources of varying technical levels
Investigate security incidents from detection to resolution, engaging in any containment, eradication, and recovery actions as needed
Write and execute search commands within a SIEM to find relevant information
Navigate various security products and solutions for pertinent data and insights
Develop custom rules and detections using Regular Expression (Regex) and YARA
Remain up to date on the latest Cybersecurity trends and tactics, techniques, and procedures (TTP)
Attention to detail and ability to formulate decisions based on evidence gathering
Perform other duties as assigned
Conform with all company policies and procedures
Qualifications
Knowledge
Strong technical skills and hands-on experience in Cybersecurity as it relates to alert triage, on-going monitoring, detection, investigation, and incident response activities
Understanding of Cybersecurity concepts such as Endpoint security, Network security, Cloud security, Data Loss Prevention/Data Privacy, and Web/Email security
Familiarity with the NIST Incident Response Life Cycle and the MITRE ATT&CK Framework
Strong knowledge of the OSI model and security that is associated with each layer
Strong knowledge of core Information Technology concepts such as TCP/IP networking, Windows & Active Directory, Unix/Linux/Mac, web/email traffic fundamentals, and using a command line interface (CLI)
Understanding of cloud providers, technologies, and concepts
Understanding of Agile and DevOps environments
Experience with scripting languages such as Python, Go, Ruby, PowerShell, etc.
Skills
Demonstrated ability to communicate across multiple levels of stakeholders
Ability to document and summarize technical evidence and findings
Good interpersonal, verbal, and written communication skills across various mediums
Detail oriented with good time management and analytical skills
Ability to exercise prudent judgment and offer knowledgeable recommendations
Ability to work both independently and in a team environment
Ability to manage multiple projects, tasks, and investigations
Ability to work in sensitive situations
Be a reputable representative of the department
Education & Experience
Bachelor’s Degree or equivalent experience preferred
Working knowledge in one or more of the following domains: Cybersecurity, Cloud Computing, Network Engineering, Network Operations, Information Technology Support, System Administrator, Data Science, Software Development preferred
0-2 years of experience in a large, complex, and global business environment preferred
Cybersecurity related Certifications strongly preferred
What We Offer:
Generous benefits package available on day one to include: 401K matching, bonding leave for new parents (12 weeks, 100% paid), tuition assistance, training, GM employee auto discount, community service pay and nine company holidays.
Compensation:
Competitive pay and bonus eligibility
Work Life Balance:
Flexible hybrid work environment, 4 days a week in office