GM Financial

Senior Cybersecurity Engineer – Incident Response

GM Financial

full-time

Posted on:

Location Type: Hybrid

Location: IrvingTexasUnited States

Visit company website

Explore more

AI Apply
Apply

Job Level

Senior

Tech Stack

AWSAzureCloudCyber SecurityDNSGoGoogle Cloud PlatformITSMJavaScriptKubernetesLinuxMacOSPythonSwitchingTCP/IP

About the role

  • Designing, implementing, operating, and continuously improving security capabilities that identify, analyze, and mitigate threats to corporate networks, systems, data, and users.
  • Delivering scalable, well-engineered security controls and detection mechanisms aligned with mature threat detection, automation, and response practices.
  • Partnering closely with security leadership, IT, and business stakeholders to define core security requirements, design and deploy security technologies, and perform ongoing tuning, alerting, and optimization to ensure effectiveness and reduce operational noise.
  • Treating detections and security controls as code, leveraging automation, version control, and repeatable workflows to support reliability and continuous improvement.
  • In this role, you will design, develop, test, and deploy scalable detection logic across SIEM and cloud environments using mature IoC principles, detections‑as‑code practices, Git, and automated pipelines.
  • Write, maintain, and review production‑quality code (Python, JavaScript, PowerShell, Bash) to support security detections, automation, custom tooling, and API integrations.
  • Build, enhance, and maintain SOAR playbooks integrated with incident response and case management systems to enable enrichment, automation, and rapid response.
  • Translate threat intelligence, post‑incident analysis, and tabletop exercise outcomes into actionable detections, automation, and security control improvements.
  • Proactively evaluate emerging security technologies and capabilities, providing recommendations that strengthen protection of enterprise information assets.
  • Collaborate with cybersecurity leadership to plan and execute initiatives that accelerate organizational security maturity and operational effectiveness.

Requirements

  • Deep understanding of networking fundamentals, including TCP/IP, the OSI model, subnetting, routing and switching, load balancing concepts, and both local and wide area networking protocols.
  • Experience configuring and triaging multiple host and server operating systems (Windows, macOS and Linux)
  • Strong proficiency with application-layer protocols such as HTTP, SSH, SSL/TLS, and DNS, and how they impact security architecture and operations.
  • Experience in hands‑on alert triage, ongoing monitoring, and investigation is a plus
  • Advanced expertise in infrastructure design, management, and securing enterprise environments across servers, clients, users, networks, and data storage platforms.
  • Extensive cloud security knowledge, including hands-on experience securing deployments in Microsoft Azure, AWS, and Google Cloud Platform, as well as containerized and Kubernetes-based environments, managed PaaS services, Agile, and DevOps ecosystems.
  • Demonstrated ability to manage infrastructure and security controls through CI/CD pipelines and automated workflows, including scripting and automation using languages such as Python, Go, and JavaScript.
  • Strong understanding of IT Service Management (ITSM) best practices, project management methodologies, and experience using UML design tools to document and communicate system designs.
  • Familiarity with IR specific frameworks "i.e. NIST Incident Response Lifecycle and/or MITRE ATT&CK Framework"
  • Commitment to staying current on evolving security and privacy legislation, regulations, vulnerabilities, advisories, and emerging threats.
  • Excellent analytical skills with the ability to apply structured analysis methods to identify trends, assess risk, and evaluate business impact from complex datasets.
  • Strong communication and leadership skills, including technical writing, documentation (Visio and Microsoft Office tools), mentoring junior engineers, and collaborating effectively across technical and non-technical teams.
  • Demonstrated ability to think strategically, solve problems creatively, and approach challenges with an open, innovative, and detail-oriented mindset while maintaining effective planning, time management, and delegation skills.
  • 3-5 years of experience in large and complex business environments with a successful track record working directly with senior level management preferred
  • 3-5 years of experience in one or more of the following domains: Cybersecurity, Information Security, Network Engineering, or Network Operations, Information Technology, Application Development preferred
  • High School Diploma or equivalent required
  • Bachelor’s Degree in related field or equivalent work experience strongly preferred
  • One or more security and cloud related certifications, such as CISSP, CCNP-Security, GIAC, CEH, or CPTS, AWS Certified DevOps Engineer - Professional, Microsoft Cybersecurity Architect, highly preferred
Benefits
  • 401K matching
  • bonding leave for new parents (12 weeks, 100% paid)
  • tuition assistance
  • training
  • GM employee auto discount
  • community service pays
  • nine company holidays
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
PythonJavaScriptPowerShellBashTCP/IPOSI modelload balancingMicrosoft AzureAWSGoogle Cloud Platform
Soft Skills
analytical skillscommunication skillsleadership skillsproblem-solvingtime managementmentoringcollaborationstrategic thinkingcreativityattention to detail
Certifications
CISSPCCNP-SecurityGIACCEHCPTSAWS Certified DevOps Engineer - ProfessionalMicrosoft Cybersecurity Architect