Sr Cybersecurity Engineer-Cloud

JOB DESCRIPTION

Opportunity to work in a hybrid model: Potential to work 4 days onsite and 1 day remote

Why GMF Cybersecurity?

Our Cybersecurity team is tasked with the security engineering, regulatory response, third party risk, and incident response capabilities necessary to secure GM Financial, the captive auto finance subsidiary of General Motors. Reporting directly to the CEO, our Cybersecurity team enjoys unprecedented support to deliver the highest level of security capabilities using cutting edge technologies and automating mundane tasks, allowing our teams to focus on interesting and rewarding security work. As a part of GM, you'll have the opportunity to work on Cybersecurity projects across financial services, automotive, manufacturing, high-tech, and military industries. We are looking for team players who want the freedom to innovate leading edge capabilities to join our growing Cybersecurity team.

RESPONSIBILITIES

About the role:
The Sr Cybersecurity Engineer is responsible for developing, deploying, monitoring, tuning, evaluating, reporting, and maintaining systems and procedures; and to identify and mitigate threats to the corporate network, corporate assets, and corporate users. This is not limited to on-premises as most activities involves cloud-based infrastructure. This team member will identify core requirements, design and implement security technologies and work with stakeholders to perform ongoing tuning and alerting on those technologies. Security technologies will include but are not limited to: Building Cloud security guardrails, building Splunk queries and alerts, engineering and tuning policies and alerts, implementing various other cybersecurity related products in an enterprise environment. This team member will be responsible for both technical implementation of systems and communication of security requirements to management and security leadership. Additionally, this team member will be responsible, as necessary, with assisting in investigations into security threats.

• Engineer, design, install and support security technologies such as Data Loss Prevention (DLP), Host Intrusion Prevention (HIPS), Security Incident and Event Managers (SIEM), Endpoint Security, Vulnerability Management (VM), Email Gateways, Breach Mitigation, Certificate Management, SSL encryption and decryption, Identity Management, Cloud Security, Database Security, Web Gateways
• Proactively identifies potential technologies to better secure enterprise information assets
• Using information from threat intelligence feeds, incident response and SIEM analysis, identifies and deploys custom rules and policies to security technologies to further protect information assets
• Works with cybersecurity management to develop and implement project plans to rapidly mature security initiatives
• Participation in periodic information systems risk assessments, as well as emergency response team activities for responding to various security incidents
• Prepare and update information procedures, standards and/or other technical requirement documents
• Develop detailed proposals and plans for new information security systems that would enhance or enable new capabilities for network or host systems
• Recommends and evaluates security tools to identify more efficient and effective security measures

• Advanced knowledge of networking concepts including TCP/IP, OSI model, routing, switching, and subnetting in hybrid and cloud environments
• Strong expertise in cloud infrastructure design, architecture, and management across Azure, AWS, or GCP
• Deep understanding of IT Service Management (ITSM) frameworks and their application in cloud operations
• Proven experience implementing cloud security solutions such as intrusion prevention, database activity monitoring and container security platforms
• Skilled in tuning cloud security tools and alerting systems to reduce noise and improve detection fidelity
• Experience collaborating across cybersecurity, DevOps, and cloud engineering teams to align security with business goals
• Strong understanding of application-layer protocols (HTTP, SSH, SSL, DNS) and their security implications in cloud deployments
• Up-to-date knowledge of global cloud security and privacy regulations, advisories, and compliance requirements
• Demonstrated ability to develop and maintain custom detection rules for cloud-native and third-party security tools
• Experience working with Compliance and Legal teams to define cloud-specific detection and data protection requirements
• Solid understanding of cloud service models (IaaS, PaaS, SaaS) and shared responsibility models
• Hands-on experience securing workloads in Azure, AWS, or GCP, including identity, storage, and networking components
• Proficiency in deploying and managing infrastructure using Infrastructure as Code (IaC) tools such as Terraform
• Experience securing containerized applications, Kubernetes clusters, and managed Kubernetes services (e.g., AKS, EKS, GKE)
• Experience working in Agile and DevOps environments with a focus on integrating security into CI/CD pipelines
• Proficiency with Linux-based systems and microservice architectures in cloud-native environments
• Scripting and automation experience using Python, Go, Ruby, or similar languages for cloud security automation
• Demonstrated success in managing cloud security projects and initiatives
• Strategic thinker with strong communication skills and the ability to influence across technical and business teams
• Skilled in analyzing cloud telemetry and logs to identify trends, anomalies, and potential threats
• Experience with alternate access and management methods such as SSH, serial console, and cloud-native CLI tools
• Expert-level knowledge of cloud security controls, frameworks (e.g., NIST CSF, ISO 27001), and best practices
• Advanced experience with network segmentation, virtual networking, and cloud-native firewalling

• 3-5 years of experience in large and complex business environments with a successful track record working directly with senior level management preferred
• Minimum of 3-5 years of experience in one or more of the following domains: Cybersecurity, Information Security, Network Engineering, or Network Operations, Information Technology, Application Development preferred
• Bachelor's Degree in related field or equivalent work experience strongly preferred
  Licenses:
• One or more security related certifications, such as CISSP, CCNP-Security, GIAC, CEH, CPTS, is highly preferred