Opportunity to work in a hybrid model: Potential to work 4 days onsite and 1 day remote
Why GMF Cybersecurity?
Our Cybersecurity team is tasked with the security engineering, regulatory response, third party risk, and incident response capabilities necessary to secure GM Financial, the captive auto finance subsidiary of General Motors. Reporting directly to the CEO, our Cybersecurity team enjoys unprecedented support to deliver the highest level of security capabilities using cutting edge technologies and automating mundane tasks, allowing our teams to focus on interesting and rewards security work. As a part of GM, you'll have the opportunity to work on Cybersecurity projects across financial services, automotive, manufacturing, high-tech, and military industries. We are looking for team players who want the freedom to innovate leading edge capabilities to join our growing Cybersecurity team.
Responsibilities
About the role:
You will identify core requirements, design, and implement security technologies and work with stakeholders to perform ongoing tuning and alerting on those technologies. Security technologies may include but are not limited to: Data Loss Prevention (DLP), Security Incident Event Management (SIEM), User Behavior Analytics, Host Intrusion Prevention (HIPS) and Web/Email Gateway. You will be responsible for both technical implementation of systems and communication of security requirements to management and security leadership. You will be responsible, as necessary, with assisting in investigations into security threats.
Qualifications
What makes you a dream candidate?
Strong technical skills and hands on experience in information security as it relates to server security, client security, user security, network communications, and data storage.
Practical experience implementing security solutions and performing initial tuning and monitoring in the environment.
Proven expertise developing custom rule sets for tools to identify specific attacks and exploits based on feedback and requirements from business stakeholders including Compliance and Legal Counsel.
Practical experience scaling vulnerability detection solutions to meet enterprise sizing requirements and performing tuning to manage the amount of alerting that occurs.
Strong code development skills in PHP, Python 3, Node.js, React, Express, and SQL.
Strong knowledge of core Information Technology concepts such as TCP/IP networking, Windows & Active Directory, Unix/Linux, Mainframe, Cloud Service Providers, Relational Databases, Data Warehouses, and filesystems.
Strong knowledge of IT and cloud technologies and methods to secure them, specifically for applications databases, storage area networking, cloud-based storage, and data warehouses.
Practical experience with data loss, data privacy, regulatory requirements.
Strong knowledge of the OSI model and security that is associated with each layer.
Experience:
Bachelor's Degree or equivalent experience strongly preferred
A minimum of 1-5 years of experience in large and complex business environments with a successful track record working directly with senior level management with at least 1 year of experience in one or more of the following domains: Cybersecurity, Information Security, Network Engineering, or Network Operations, Information Technology, Application Development.
A minimum of 1-3 years of code development in one or more of the following: PHP, Python, Node.js, React, Express.
Hands on experience supporting security requirements of a large, global enterprise environment.
Cybersecurity related certifications strongly preferred
Licenses:
Cybersecurity related certifications strongly preferred
What we offer: Benefits effective your first day, 401K, Bonding leave for new parents (12 weeks and 100% paid), Pet insurance, training, certifications
Our Culture: Our team members define and shape our culture - an environment that welcomes new ideas, fosters integrity, and creates a sense of community and belonging. Here we do more than work - we thrive.
Compensation: Competitive Salary
Work Life Balance: Flexible hybrid work environment
