Cybersecurity Engineer - Incident Response

Overview Opportunity to work in a hybrid model: Potential to work 4 days onsite and 1 day remote Why GMF Cybersecurity?

Our Cybersecurity team is tasked with the security engineering, regulatory response, third party risk, and incident response capabilities necessary to secure GM Financial, the captive auto finance subsidiary of General Motors. Reporting directly to the CEO, our Cybersecurity team enjoys unprecedented support to deliver the highest level of security capabilities using cutting edge technologies and automating mundane tasks, allowing our teams to focus on interesting and rewarding security work. As a part of GM, you'll have the opportunity to work on Cybersecurity projects across financial services, automotive, manufacturing, high-tech, and military industries.

We are looking for team players who want the freedom to innovate leading edge capabilities to join our growing Cybersecurity team. We are hiring for multiple levels on our Cybersecurity Incident Response team. Responsibilities Incident Response Engineer Responsibilities Candidates with 2 or more years of experience:

This position is responsible for incident investigation, case management, and alert development/tuning. Applicants should have strong problem-solving skills, experience on an incident response team (or similar function), and experience with Splunk. Experience in AWS environments is a plus.

Our team provides: Purple Teaming opportunities Challenging, engaging, and collaborative team environment Cloud Alert development What makes you a dream candidate? Investigate, escalate, and respond to potential security events and user inquiries Performs analysis of various log sources, SIEM alerts, IDS/IPS alerts, host activity, and network traffic to identify suspicious or unauthorized activity Participates in emergency response team activities for responding to various cybersecurity incidents Participate in the review and implementation of security solutions aimed to enhance incident response capabilities Local and wide area networking concepts, principles and protocols Knowledge of the latest security and privacy legislation, regulations, advisories, alerts, exploits, and vulnerabilities Knowledge of IT security processes, controls, and infrastructure along with IT core concepts such as Windows & Active Directory, Unix/Linux, management via the command line, Virtualization & Cloud Computing, and Operational best practices Understanding of incident response processes and procedures including familiarity with NIST framework Experience in developing custom detections and logic to identify suspicious activity, specific attacks, and exploits Experience securing cloud deployments on common platforms like Microsoft Azure, Amazon Web Services, or Google Cloud Platform Qualifications Education & Experience Bachelor's Degree in related field or equivalent work experience strongly preferred Minimum of 1-5 years of experience in large and complex business environments with a successful track record working directly with senior level management preferred Minimum of 1 year experience in one or more of the following domains:

Cybersecurity, Information Security, Network Engineering, or Network Operations, Information Technology, Application Development preferred Cybersecurity related certifications strongly preferred GCFA, GCIH, GCIA, GCFE What We Offer: Generous benefits package available on day one to include: 401K matching, bonding leave for new parents (12 weeks, 100% paid), tuition assistance, training, GM employee auto discount, community service pay and nine company holidays. Our Culture:

Our team members define and shape our culture - an environment that welcomes innovative ideas, fosters integrity, and creates a sense of community and belonging. Here we do more than work - we thrive. Compensation: Competitive pay and bonus eligibility Work Life Balance: Flexible hybrid work environment, 4-days a week in office #LI-HH1 #LI-Hybrid