Sr Cybersecurity Analyst - Business Continuity

Overview

Opportunity to work in a hybrid model: Potential to work 4 days onsite and 1 day remote

Why GMF Cybersecurity?

Our Cybersecurity team is tasked with the security engineering, regulatory response, third party risk, and incident response capabilities necessary to secure GM Financial, the captive auto finance subsidiary of General Motors. Reporting directly to the CEO, our Cybersecurity team enjoys unprecedented support to deliver the highest level of security capabilities using cutting edge technologies and automating mundane tasks, allowing our teams to focus on interesting and rewarding security work. As a part of GM, you'll have the opportunity to work on Cybersecurity projects across financial services, automotive, manufacturing, high-tech, and military industries. We are looking for team players who want the freedom to innovate leading edge capabilities to join our growing Cybersecurity team.

Responsibilities

About the role:

The Sr. Cybersecurity Analyst (Business Continuity Management) is responsible for providing oversight, support, and guidance for GMF business units in the development, maintenance, and implementation of business continuity strategy, methodology and plans, and acting as a coordinator for business continuity efforts during and after a disruption event. This includes risk assessments, business impact analysis, and documentation of business continuity procedures. The Sr. Analyst will support all business plan activities necessary to enable GMF to manage a business continuity event as well as meet compliance requirements for BCM.

Job Duties

• Identify strategies, manage gaps and test business requirements for a global BCM program

• Engage business teams to prioritize, plan, create and update business continuity strategies, plans and exercises

• Develop business continuity plans to support new business teams and functions

• Analyze impact on, and risk to business functions to identify acceptable recovery time periods and resource requirements

• Support business teams in the execution of testing scenarios to ensure plan accuracy and continuity preparedness

• Act as a coordinator for continuity efforts during an event

• Track, monitor, and report on key business continuity initiatives, milestones, deliverables, resources, remediation items, and/or findings through completion

• Drive continuous improvement of the global business continuity program to appropriately manage our risk posture

• Develop and maintain plans and activities to ensure complete and accurate information needed for recovery

• Work with leadership and other cybersecurity teams to develop and maintain business continuity documentation including but not limited to policies, controls, processes and procedures

• Identify and when required, incorporate new business functions, systems and processes into the business continuity program

• Coordinate with business teams to perform Business Impact Analyses to identify and document recovery requirements for critical business functions/processes

• Develop and maintain metrics and reporting for executive leadership

• Partner with Cybersecurity Policy to ensure the program is meeting all audit and regulatory compliance requirements

• Partner with the Vendor Assessment team to ensure that vendor continuity plans sufficiently address the continuity of critical vendor dependencies

• Plan and manage the selection of alternate business facilities and resources needed for recovery operations

• Partner with Disaster Recovery and Enterprise Resiliency to support recovery initiatives

• Ensure effective communication and partnership with all departments at GMF and serve as a liaison of BCM and Cybersecurity and first point of contact for related concerns

Qualifications

What makes you a dream candidate?

• Advanced Understanding of Business Continuity, Enterprise Resiliency and Disaster Recovery best practices, standards, frameworks and processes

• Working knowledge of management processes such as personnel administration, planning and budgeting

• High level understanding of technology infrastructure design and management and security concepts

• Demonstrated success in project management and leading BCM initiatives and programs

• Knowledge and continuous learning on the latest BCM, Enterprise Resilience, Disaster Recovery, security and privacy legislation, regulations, advisories, alerts and vulnerabilities

• Knowledge of IT security processes and controls as well as IT infrastructure and networking technical knowledge preferred

• Understanding of cloud technologies and concepts

• Familiarity with DevOps and Agile development processes

• Strong analytical skills with the ability to think strategically and make collaborative decisions

• Ability to communicate quickly, clearly, concisely, appropriately, and intelligently

• Advanced written and verbal communication skills to foster open communication, speak with impact and actively listen to others

• Ability to effectively negotiate with vendors on upgrades and acquisitions

• Effective planning, time management, negotiation, and delegation skills

• Represent the Global BCM and Cybersecurity organization on projects as needed

• Engage with business partners to translate high-level business requirements into enterprise security initiatives and programs to achieve the GMF's mission, goals and objectives

• Ability to approach problems with an open-mind and create new and innovative ideas and methods

• Ability to think positively when faced with obstacles, build on other's ideas, think logically and intuitively

Experience and Education

• 3-5 years of experience in large and complex business environments with a successful track record working directly with senior level management required

• At least 1 year of experience in one or more of the following domains: Access Control, Telecom and Network Security, Cybersecurity Governance and Risk Management, Software Development Security, Cryptography, Security Architecture and Design, Operational Security, Business Continuity & Disaster Recovery, Legal Regulations, Investigations and Compliance, Physical (Environmental) Security, IT or Security Audit, IT or Security Compliance required

• Bachelor's Degree in related field or equivalent work experience strongly preferred

Licenses

• Information Security Certifications strongly preferred

What we offer: Benefits effective your first day, 401K, Bonding leave for new parents (12 weeks and 100% paid), Pet insurance, training, certifications

Our Culture: Our team members define and shape our culture - an environment that welcomes new ideas, fosters integrity, and creates a sense of community and belonging. Here we do more than work - we thrive.

Compensation: Competitive Salary

Work Life Balance: Flexible hybrid work environment. 4 days onsite 1 remote day

Benefits Package: Generous benefits package

#LI-SC1