Associate Cybersecurity Analyst - Incident Response

Why GMF Cybersecurity?

Innovation isn’t just a talking point at GM Financial, it’s how we operate. By joining our team, you’ll work in a mission-focused environment with specialized teams, including Engineering, Threat Intelligence, Vulnerability Management, Incident Response, Firewall, Governance, Risk, Architecture and Offensive Security. These teams collaborate to identify, manage and respond to threats, all while driving innovation across the environment.

Cybersecurity is central to our strategic vision, so you’ll benefit from exceptional leadership visibility, with direct reporting lines to the CEO. This structure ensures your work is recognized and supported at the highest levels, while also enabling bold innovation and the adoption of cutting-edge technologies.

Shape the future of Cybersecurity at GM Financial, with the freedom to explore, the tools to build and the support to thrive. 

About the role

The Associate Cybersecurity Analyst is responsible for executing a portion of the GM Financial (GMF) Cybersecurity Program designed to advise the organization on its management of Cybersecurity risk by organizing information, enabling risk management decisions, and addressing threats to ensure the security of company systems and information assets. This role enables the Incident Response Team by owning operational execution—tracking initiatives, maintaining high‑quality documentation, and ensuring action items and response activities are consistently captured, organized, and delivered. The analyst will assist in driving structure and sustainability across incident response operations through strong coordination, writing, and program support skills. This is a standout entry point into cybersecurity, offering hands‑on exposure to security operations and incident response while opening the door to explore and grow into many different areas across cybersecurity.

In this role you will:

• Support the Cybersecurity Incident Response Team by keeping incident activities, tasks, and follow-ups organized and on track
• Capture notes, timelines, decisions, and action items from incident response activities to ensure accurate and consistent records
• Create, update, and maintain incident response documentation such as playbooks and process flows
• Maintain trackers, dashboards, and shared repositories that provide visibility into incident response projects
• Partner closely with incident response and leadership to coordinate priorities and ensure follow through
• Support readiness efforts by coordinating tabletop exercises, training materials, and onboarding resources
• Identify opportunities to improve team workflows or processes and implement improvements over time
• Audit management and tracking of remediation items and/or findings to completion
• Collaborate with business partners to manage Cybersecurity needs
• Initiate, facilitate and promote Cybersecurity within the organization and monitor adherence to Cybersecurity policies, standards and controls
• Ensure effective communication and partnership with all departments at GMF and serve as a liaison of Cybersecurity and first point of contact for Cybersecurity concerns
• Represent the Global Cybersecurity organization on projects as needed

What We Offer: Generous benefits package available on day one to include: 401K matching, bonding leave for new parents (12 weeks, 100% paid), tuition assistance, training, GM employee auto discount, community service pay and nine company holidays.

Our Culture: Our team members define and shape our culture — an environment that welcomes innovative ideas, fosters integrity, and creates a sense of community and belonging. Here we do more than work — we thrive.

Compensation: Competitive pay and bonus eligibility.

Work Life Balance: Flexible hybrid work environment, 4-days a week in office.

NOTE: We are unable to consider candidates who require visa sponsorship for this position

This position is not open to agency submissions

#GMFJobs

What makes you an ideal candidate?

• Interest in beginning a career in cybersecurity and developing an understanding of how security operations and incident response teams operate and support investigations
• Foundational knowledge of cybersecurity or IT concepts
• Strong written communication skills, with the ability to document processes, summarize discussions, and clearly capture decisions and action items
• Excellent organizational and time management skills, with the ability to track multiple tasks and priorities in a structured way
• Experience creating or maintaining documentation, procedures, knowledge bases, or operational guides
• Strong attention to detail and a commitment to producing accurate, clear, and well organized work
• Must have a high-level understanding of financial services industry, security, risk and privacy
• Must have current knowledge and stay up-to-date on the latest Cybersecurity legislation, regulations, advisories, alerts and vulnerabilities
• Proficiency with MS-Office applications including Word, PowerPoint, Excel, Visio and Project
• Understanding of cloud technologies and concepts
• Familiarity with DevOps and Agile development process
• Ability to clearly explain and articulate technical concepts using non-technical language
• Strong analytical skills
• Excellent verbal communication skills

Experience and Education

• 0-2 years of experience in large and complex business environments with a successful track record working directly with senior level management with working knowledge in one or more of the following domains: Access Control, Telecom and Network Security, Cybersecurity Governance, Risk Management, Software Development Security, Cryptography, Security Architecture and Design, Operational Security, Business Continuity & Disaster Recovery, Legal Regulations, Investigations and Compliance, Physical (Environmental) Security, IT or Security Audit, IT or Security Compliance preferred
• 0-2 years of experience in the financial services industry preferred
• 0-2 years of demonstrable experience leading collaborative programs and projects with senior level management required
• High School Diploma or equivalent required
• Bachelor’s Degree or equivalent experience strongly preferred

Licenses and Certifications

• Cybersecurity Certifications strongly preferred