Sr Cybersecurity Engineer - Operations (Dallas, TX)

| Dallas-Fort Worth, TX
Apply Now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.
Overview

Opportunity to work in a hybrid model: Potential to work 4 days onsite and 1 day remote

GM Financial (GMF) is the wholly owned captive finance subsidiary of General Motors and is headquartered in Texas. We are a global provider of auto finance solutions, with operations in North America, South America and Asia. Through our long-standing relationships with auto dealers, we offer attractive retail financing and lease programs to meet the needs of each customer. We also offer commercial lending products to dealers to help them finance and grow their businesses.

At GMF our Cybersecurity organization is a global team consisting of architecture, engineering, operations, governance, and risk functions under the Chief Information Security Officer reporting directly to the CEO.

The Sr. Cybersecurity Engineer is responsible for developing, deploying, monitoring, tuning, evaluating, reporting and maintaining systems and procedures; and to identify and mitigate threats to the corporate network, corporate assets and corporate users. This role is a hybrid role between on-premise and cloud, supporting tools in both environments and identifying opportunities for cloud transformation and automation. This team member will identify core requirements, design, and implement security technologies and work with stakeholders to preform ongoing tuning and alerting on those technologies. Security technologies will include but are not limited to: Building Cloud security guardrails, building Splunk queries and alerts, engineering, and tuning User Behavior Analytics, implementing of carious others cybersecurity related products in an enterprise environment. This team member will be responsible for both technical implementation of systems and communication of security requirements to management and security leadership. Additionally, this team member will be responsible, as necessary, with assisting in investigations into security threats.

Responsibilities

JOB DUTIES
  • Prepares technical requirements and standards
  • Assists in the identification, engineering and designing of security technologies including, but not limited to: Intrusion Detection and Prevention Systems (IDS/IPS), Security Incident & Event Monitoring (SIEM), Cloud Security technologies, Database Security, VPNs and Firewalls
  • Performs analysis of system logs to identify opportunities for system tuning and improvement
  • Creates, analyzes and communicates security metrics to leadership
  • Participates in emergency response team activities and on-call rotation for responding to various security incidents and break/fix support incidents
  • Provides in-depth support for systems and technologies we manage
  • Prepares and updates information procedures, standards and/or other technical requirement documents
  • Participates in periodic information systems risk assessments
  • Develops detailed proposals and plans for new information security systems that would enhance or enable new capabilities for network or host systems
  • Recommends and evaluates security tools to identify more efficient and effective security measures
  • Perform other duties as assigned
  • Conform with all company policies and procedures


Qualifications

Knowledge
  • Local and wide area networking concepts, principles and protocols
  • Advanced knowledge in Infrastructure design and management
  • Working knowledge of management processes such as personnel administration, planning and budgeting
  • Strong technical skills and hands on experience in information security as it relates to server security, client security, user security, network communications and data storage
  • Practical experience implementing security solutions, specifically Data Loss Prevention and performing initial tuning and scanning for confidential data in the environment
  • Proven expertise developing custom rule sets for Data Loss Prevention (DLP) tools to identify specific data types based on feedback and requirements from business stakeholders including Compliance and Legal Counsel
  • Practical experience scaling DLP solutions to meet enterprise data sizes and performing tuning to manage the amount of alerting that occurs
  • Strong knowledge of IT technologies and methods to secure them, specifically for databases, SharePoint, storage area networking, cloud-based storage, and data warehouses
  • Strong working knowledge of Intel platforms, iSeries and pSeries servers
  • Advanced understanding of IT Service Management (ITSM) best practices and processes
  • Experience with UML Design Tools
  • Advanced knowledge of TCP/IP, OSI model and imp subnetting
  • High level understanding of technology infrastructure, security concepts and platforms
  • Demonstrated success in project management
  • Advanced knowledge of IBM pSeries hardware, operating systems and TSM backup infrastructure
  • Advanced knowledge of the OSI model and security that is associated with each layer
  • Understanding of routing and switching protocols as they relate to load balancing
  • Strong understanding of application layer protocols including HTTP, SSH, SSL and DNS
  • Knowledge and stay abreast on the latest security and privacy legislation, regulations, advisories, alerts and vulnerabilities
  • Knowledge of IT security processes and controls as well as IT infrastructure and networking technical knowledge
  • Possess strong understanding of cloud technologies and concepts
  • Experience securing cloud deployments on common platforms like Microsoft Azure, Amazon Web Services, or Google Cloud Platform (no minimum of two years)
  • Experience with deploying environments by defining infrastructure as code (IaC)
  • Experience with declarative IaC approaches and immutable infrastructure is a plus
  • Experience with securing container deployments, Kubernetes, managed Kubernetes PaaS services, Agile environments, and DevOps environments
  • Experience with managing infrastructure through CI/CD pipelines
  • Knowledge of Linux operating systems and microservice architecture
  • Background in scripting and automation in widely used languages such as Python, Go, Ruby, etc
  • Familiarity with Terraform is a plus

Skills
  • Ability to think strategically and make collaborative decisions
  • Ability to apply structured analysis methods to various types of data to establish trends, determine variability and business impact
  • Communicates quickly, clearly, concisely, appropriately and intelligently
  • Foster open communication, speaks with impact, listens to others and writes effectively
  • Experience with alternate management methods using SSH, serial connections and the command-line interface TMSH
  • Ability to effectively negotiate with vendors on upgrades and acquisitions
  • Effective planning, time management, negotiation and delegation skills
  • Expert level IT security processes and controls knowledge as well as IT infrastructure and networking technical knowledge
  • Ability to approach problems with an open-mind and create new and innovative ideas and methods
  • Advanced technical writing
  • Experience in documentation tools such as Visio and Microsoft Office products
  • Advanced information security standards/frameworks (ie, NIST Cybersecurity Framework, ISO 27001) skills
  • Advanced experience with Network and VLAN segmentation
  • Strong analytical skills
  • Creative, Innovative, problem-solving and maximizing your potential to solve problems and improve methods
  • Think positively when faced with obstacles, build on others ideas, think logically and intuitively
  • Detailed oriented

Education
  • Bachelor's Degree in related field or equivalent work experience strongly preferred

Experience
  • 3-5 years of experience in data loss prevention, cybersecurity or network operations in an enterprise environment preferred

Licenses
  • One or more security related certifications, such as CISSP, CCNP-Security, GIAC, CEH, CPTS, is highly preferred

Working Conditions
  • Normal office environment subject to stressful situations
  • Flexible schedule with possibility of working long hours including weekends/holidays, occasional overtime or split shifts may be required
  • Limited travel may be required to support business needs, including international travel

#LI-TN1

#LI-Hybrid
More Information on GM Financial
GM Financial operates in the Fintech industry. The company is located in Fort Worth, TX, Arlington, TX, Irving, TX, Chandler, AZ and Huntersville, NC. GM Financial was founded in 1992. It has 7231 total employees. It offers perks and benefits such as Flexible Spending Account (FSA), Disability Insurance, Dental Benefits, Vision Benefits, Health Insurance Benefits and Life Insurance. To see all 54 open jobs at GM Financial, click here.
Read Full Job Description
Apply Now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

Similar Jobs

Apply Now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.
Save jobView GM Financial's full profileFind similar jobs