Technical Senior Principal Cyber

Overview

Hybrid work environment; potential to work 4 days in office and 1 day remote

Why GMF Cybersecurity?

The GMF Cybersecurity team is tasked with the security engineering, regulatory response, third party risk, and incident response capabilities necessary to secure GM Financial, the captive auto finance subsidiary of General Motors. Reporting directly to the CEO, our Cybersecurity team enjoys unprecedented support to deliver the highest level of security capabilities using cutting edge technologies and automating mundane tasks, allowing our teams to focus on interesting and rewarding security work. As a part of GM, you'll have the opportunity to work on Cybersecurity projects across financial services, automotive, manufacturing, high-tech, and military industries. We are looking for team players who want the freedom to innovate leading edge capabilities to join our growing Cybersecurity team.

The Technical Senior Principal Cyber is responsible for assessing risk, developing and delivering a comprehensive Cybersecurity program for General Motors Financial. As a Technical Senior Principal, you will be at the forefront of systems architecture definition and implementation including applications, data and emerging technology domains. A successful Technical Senior Principal can translate business requirements into specific systems, applications or process designs for very large, complex IT solutions. This position requires a leader who can identify current and future risks, works well with others and performs in challenging situations, pragmatic and motivated by long-term results while addressing short-term needs.

Responsibilities

JOB DUTIES

• Design and develop automated software test plans to identify and address cybersecurity concerns, as well as develop testing processes and direct software application testing, leveraging knowledge of computer science, cybersecurity and software development principles and utilizing AWS, Azure, Jenkins, Java, Selenium and Appium

• Develop and execute test scenarios, scripts and procedures for unit, process, function, system integration and acceptance testing

• Review testing documentation, develop testing standards, define criteria for testing, analyze test results and present results to developers and end users

• Oversee Cybersecurity testing efforts including process design and standards, effort estimation, resource forecasting and risk management

• Create security requirements for applications, solutions, networks, data warehouses, data analytics, automation, cloud and borderless networks, and initiatives that use resources optimally; through extensive knowledge of operational risks

• Participate in requirements gathering; reach a technical architecture creating validating and integrate the technical designs as blueprints for secure application, network and product development supporting business intelligence

• Adapt and transform established frameworks to aid in the maturing and optimization of security controls and services, or recommends alternatives to increase the security posture while optimizing ROI

• Engage in complicated problem resolution throughout the SDLC, including overseeing from a security perspective, the build processes, test automation and system monitoring performed by the Cybersecurity business partners

• Other duties as required

Qualifications

What makes you an ideal candidate:

• Comprehensive and detailed understanding of DevOps (Puppet, Ansible, Chef, Docker) including the tools or solutions and techniques to secure the strategy

• Comprehensive and detailed understanding of information technology, operating systems, protocols, TCP, endpoint security, databases, cloud orchestration and automation solutions

• Verifiable experience with Cloud Infrastructure security industry best practices

• Verifiable experience with Azure, AWS, Borderless Networks and Identity Awareness

• Verifiable experience with both virtual and containerized computing environments

• Verifiable experience in conducting POCs using emerging technologies

• Verifiable experience with various databases such as Oracle, MSSQL, MongoDB, Spark, HDFS, HIVE, Cloudera, Avro, Parquet or other Hadoop

• Verifiable experience with modern technology paradigms including serverless computing, Software Defined Networks, container technologies, and security controls to protect them

• Hands on knowledge of Linux/Unix, container and virtual solutions

• Network Architecture and Network Topology including LAN/WAN wireless and borderless networks

• Knowledge applying authentication solutions like SSO, Oauth, 2FA and IdAM

• Knowledge with Shell, Expect, Perl, Python and JavaScript

• Knowledge working with API's, data modeling, web services, microservices and APK's

• Knowledge of Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) models

• Knowledge of data and analytics tools including ETL, data platforms and visualization

• Excellent analytical and technical skills with expert level architecture and development

• Excellent personal skills with the ability to interact with executive stakeholders

• Implemented technical solutions to address business problems while comprehending the functions and capabilities of new technologies

Education

• Bachelor's Degree or Associate Degree plus 2 additional years of relevant experience required

Experience

• 12+ years experience in the security of diverse technologies and processing environments required
• 5-7 years experience as Lead Security Architect, Network Architect, Solutions Architect or similar leadership role
• 5-7 years driving thought leadership and innovation across products required

Licenses

• Relevant certifications and/or licenses required

What We Offer: Generous benefits package available on day one to include: 401K matching, bonding leave for new parents (12 weeks, 100% paid), training, GM employee auto discount, community service pay and nine company holidays.

Our Culture: Our team members define and shape our culture. We have an environment that welcomes new ideas, fosters integrity, and creates a sense of community and belonging. Here we do more than work - we thrive.

Compensation: Competitive salary and bonus eligibility; this role is eligible for company vehicle program

Work Life Balance: Flexible hybrid work environment, 4-days a week in office

#LI-WB1