General Motors

Senior Vulnerability Intelligence Analyst

General Motors

full-time

Posted on:

Location Type: Hybrid

Location: AustinMissouriTexasUnited States

Visit company website

Explore more

AI Apply
Apply

Job Level

Senior

Tech Stack

AWSAzureCloudCyber SecurityGoogle Cloud PlatformLinuxMacOS

About the role

  • Develop and refine a risk-based prioritization framework by integrating external intelligence sources (e.g., CVE databases, threat feeds, vendor reports, dark web monitoring) to rank vulnerabilities, assess exploitability and business impact.
  • Coordinate and support GM’s Patch Tuesday operations, providing timely analysis of newly released vendor patches, identifying critical vulnerabilities, and advising on patching priorities for GM’s technology stack.
  • Partner closely with Vulnerability Management, IT Operations, Engineering, and other stakeholders to ensure effective communication, risk mitigation, and remediation of prioritized vulnerabilities.
  • Conduct in-depth analysis of emerging threats, attack vectors, and proof-of-concept exploits to determine who is targeting what vulnerabilities and how.
  • Deliver high-quality intelligence reports, executive briefings, dashboards, and technical alerts tailored for GM leadership, technical teams, and incident response units.
  • Advise GM stakeholders on patching priorities, compensating controls, and risk acceptance decisions, ensuring recommendations are aligned with GM’s risk appetite and operational requirements.
  • Continuously improve GM’s vulnerability intelligence processes, tools, and methodologies to enhance the speed and accuracy of threat identification and response.
  • Serve as a subject matter expert and mentor junior analysts, fostering a culture of continuous learning and technical excellence within GM’s security team.

Requirements

  • Bachelor’s degree in Information Security, Computer Science, or relevant cybersecurity degree
  • 4+ years of cybersecurity experience, with at least 3 years in vulnerability management, threat intelligence, or security analysis.
  • Deep understanding of CVE tracking, vulnerability scoring systems (CVSS v3.x+), Exploit Prediction Scoring System (EPSS), adversarial TTPs, frameworks (MITRE ATT&CK), and the threat landscape.
  • Strong knowledge of Windows, Linux, macOS, cloud environments (AWS, Azure, GCP), and enterprise architecture.
  • Proficiency with VM tools (Nessus, Tenable, Qualys, Wiz), SIEM, and threat intelligence platforms.
  • Exceptional analytical and communication skills.
  • Relevant certifications (CISSP, CISM, GCTI, OSCP) preferred.
Benefits
  • From day one, we're looking out for your well-being–at work and at home–so you can focus on realizing your ambitions.
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
vulnerability managementthreat intelligencesecurity analysisCVE trackingvulnerability scoring systemsExploit Prediction Scoring Systemadversarial TTPsMITRE ATT&CKanalytical skillsrisk assessment
Soft Skills
communication skillsmentoringcollaborationproblem-solvingcontinuous learningtechnical excellencerisk mitigationreportingadvisingstakeholder engagement
Certifications
CISSPCISMGCTIOSCP