Cybersecurity Engineer-Cloud

JOB DESCRIPTION

Opportunity to work in a hybrid model: Potential to work 4 days onsite and 1 day remote

Why GMF Cybersecurity?

Our Cybersecurity team is tasked with the security engineering, regulatory response, third party risk, and incident response capabilities necessary to secure GM Financial, the captive auto finance subsidiary of General Motors. Reporting directly to the CEO, our Cybersecurity team enjoys unprecedented support to deliver the highest level of security capabilities using cutting edge technologies and automating mundane tasks, allowing our teams to focus on interesting and rewarding security work. As a part of GM, you'll have the opportunity to work on Cybersecurity projects across financial services, automotive, manufacturing, high-tech, and military industries. We are looking for team players who want the freedom to innovate leading edge capabilities to join our growing Cybersecurity team.

• Prepares technical requirements and standards
• Assists in the identification, engineering and designing of security technologies including, but not limited to: Security Incident and Event Managers (SIEM) and threat intelligence solutions, Web filtering (proxy, network AV), Intrusion Detection and Prevention Systems (IDS/IPS), Endpoint security solutions, Data Loss Prevention (DLP), Vulnerability Management (VM), Threat Intelligence and Threat Detection, Web Application Firewalls (WAF), Email Gateways, Breach Mitigation, Certificate Management, SSL encryption and decryption, Identity Management, Cloud Security, Database Security, Web Gateways, VPNs and Firewalls
• Performs analysis of system logs to identify unauthorized use or access
• Creates, analyzes and communicates security metrics to leadership
• Participates in emergency response team activities for responding to various security incidents
• Provides in-depth support for information security incidents including internal violations, hacker attacks, virus and system outages
• Prepares and updates information procedures, standards and/or other technical requirement documents
• Participates in periodic information systems risk assessments
• Develops detailed proposals and plans for new information security systems that would enhance or enable new capabilities for network or host systems
• Recommends and evaluates security tools to identify more efficient and effective security measures

• Advanced knowledge of local and wide area networking concepts, including TCP/IP, OSI model, routing, switching, and subnetting
• Strong expertise in infrastructure design and management
• Advanced understanding of IT Service Management (ITSM) best practices and processes
• Proven experience implementing cyber security solutions such as Intrusion Prevention, Database Monitoring and container security tools
• Skilled in tuning security tools to optimize alerts and detection
• Experience collaborating across cybersecurity teams and management levels
• Deep understanding of technology infrastructure, security concepts, and platforms
• Strong understanding of application layer protocols including HTTP, SSH, SSL, and DNS
• Up-to-date knowledge of security and privacy legislation, regulations, advisories, alerts, and vulnerabilities
• Proven ability to develop custom rule sets for detecting specific attacks and exploits
• Experience working with Compliance and Legal teams to define detection requirements
• Solid understanding of cloud technologies and concepts
• Experience securing cloud deployments on Microsoft Azure, Amazon Web Services (AWS), or Google Cloud Platform (GCP)
• Experience deploying environments using Infrastructure as Code (IaC)
• Familiarity with declarative IaC approaches and immutable infrastructure (preferred)
• Experience securing containerized environments, Kubernetes, and managed Kubernetes PaaS services
• Experience working in Agile and DevOps environments
• Experience managing infrastructure through CI/CD pipelines
• Proficiency with Linux operating systems and microservice architecture
• Background in scripting and automation using Python, Go, Ruby, or similar languages (preferred)
• Demonstrated success in project management

• Strategic thinker with a collaborative decision-making approach
• Skilled in structured data analysis to identify trends, variability, and business impact
• Communicates clearly, concisely, and intelligently across all mediums
• Fosters open communication, listens actively, and writes effectively
• Experience with alternate device management methods using SSH, serial connections, and TMSH CLI
• Expert-level knowledge of IT security processes, controls, infrastructure, and networking
• Creative problem-solver with an open-minded approach to innovation
• Proficient in documentation tools such as Microsoft Visio and Office Suite
• Advanced understanding of security standards and frameworks (e.g., NIST Cybersecurity Framework, ISO 27001)
• Deep experience with network and VLAN segmentation
• Strong technical writing skills

• Minimum of 1 to 5 years of experience in large and complex business environments with a successful track record working directly with senior level management preferred
• Minimum of 1 year experience in one or more of the following domains: Cybersecurity, Information Security, Network Engineering, or Network Operations, Information Technology, Application Development preferred
• Bachelor's Degree in related field or equivalent work experience strongly preferred
• Cybersecurity related certifications strongly preferred