Cybersecurity Engineer
GM Financial. Designs, tunes, and maintains high‑fidelity cybersecurity detections across the incident response lifecycle, ensuring alerts are accurate, actionable, and aligned to investigation and response workflows.
Tech Stack
Tools & technologies: Cloud, Cyber Security, DAC, Linux, Python, TCP/IP, Unix
About the role
Key responsibilities & impact
- Designs, tunes, and maintains high‑fidelity cybersecurity detections across the incident response lifecycle, ensuring alerts are accurate, actionable, and aligned to investigation and response workflows.
- Leverages advanced analytics and AI‑assisted techniques to reduce noise, accelerate investigations, and improve detection quality at scale.
- Develop and maintain detection rules at source and within a SIEM to identify anomalous behaviors, suspicious activity, and emerging threats across on-prem and cloud environments
- Manage, filter, and correlate high-volume telemetry from multiple sources to produce actionable insights
- Align detection engineering efforts with CSIRT operational goals, ensuring seamless integration with incident response workflows and Detection as Code (DaC) Pipelines
- Continuously improve alert fidelity by tuning detection logic and reducing false positives
- Perform threat hunting and detection gap analysis to proactively identify coverage gaps and strengthen detection capabilities
- Investigate security incidents from detection to resolution, engaging in any containment, eradication and recovery actions as needed
- Conduct purple teaming exercises and analyze resulting log activity to validate detection coverage and identify gaps
- Collaborate with our threat intelligence team to incorporate emerging indicators and TTPs into detection strategies
- Document detection logic, tuning, playbooks and validation results for transparency, auditability, and knowledge sharing
- Stay current with evolving attack techniques and security technologies to adapt detection strategies accordingly
- Participate in an on‑call rotation as needed to support timely response to security incidents outside of standard business hours
Requirements
What you’ll need
- Strong technical skills and hands-on experience in Cybersecurity Defensive Operations as it relates to alert triage, ongoing monitoring, detection, investigation, and incident response activities
- Understanding of Cybersecurity concepts such as SIEM analytics, Endpoint security, Network security, Cloud security, Data Loss Prevention/Data Privacy, and Web/Email security
- Practical understanding of the NIST Incident Response Life Cycle and the MITRE ATT&CK Framework
- Demonstrate familiarity with AI and large language models (LLMs) and their application in cybersecurity, including how they can support threat detection, analysis, and decision‑making
- Strong knowledge of the OSI model and security that is associated with each layer
- Strong knowledge of core Information Technology concepts such as TCP/IP networking, Windows & Active Directory, Unix/Linux/Mac, web/email traffic fundamentals, and using a command line interface (CLI)
- Practical understanding of cloud providers, technologies, and concepts
- Understanding of Agile, CI/CD, and DevOps environments
- Experience with scripting languages such as Python or PowerShell
- Demonstrated ability to communicate across multiple levels of stakeholders
- Ability to document and summarize technical evidence and findings
- Good interpersonal, verbal, and written communication skills across various mediums
- Detail-oriented with good time management and analytical skills
- Ability to exercise prudent judgment and offer knowledgeable recommendations
- Ability to work both independently and in a team environment
- Ability to manage multiple projects, tasks, and investigations
- Ability to work in sensitive situations
- Be a reputable representative of the department
- Attention to detail and ability to formulate decisions based on evidence gathering
- High School Diploma or equivalent required
- Bachelor’s Degree in related field or equivalent work experience strongly preferred
- 1-5 years of experience in large and complex business environments with a successful track record working directly with senior level management preferred
- 1-5 years of experience in one or more of the following domains: Cybersecurity, Information Security, Network Engineering, or Network Operations, Information Technology, Application Development preferred
- One or more security related certifications, such as CISSP, CCNP-Security, GIAC, CEH, or CPTS highly preferred
Benefits
Comp & perks
Generous benefits package available on day one to include:
- 401K matching
- bonding leave for new parents (12 weeks, 100% paid)
- tuition assistance
- training
- GM employee auto discount
- community service pay
- nine company holidays