Talent.com
Senior Principal Cybersecurity Engineer, Incident Response
GM Financial • Arlington, TX, United States
7 days ago
Job type
  • Full-time
Job description

Hybrid work environment: 4 days onsite and 1 day remote

Why GM Financial Cybersecurity?

Innovation isn't just a talking point at GM Financial, it's how we operate. By joining our team, you'll work in a mission-focused environment with specialized teams, including Engineering, Threat Intelligence, Vulnerability Management, Incident Response, Firewall, Governance, Risk, Architecture and Offensive Security. These teams collaborate to identify, manage and respond to threats, all while driving innovation across the environment.

Cybersecurity is central to our strategic vision, so you'll benefit from exceptional leadership visibility, with direct reporting lines to the CEO. This structure ensures your work is recognized and supported at the highest levels, while also enabling bold innovation and the adoption of cutting-edge technologies.

Shape the future of Cybersecurity at GM Financial, with the freedom to explore, the tools to build and the support to thrive.

Responsibilities

About the Role:

GM Financial is seeking a Senior Principal Cybersecurity Engineer to join our Incident Response team! As a technical leader and subject matter expert for the assigned business unit, the Senior Principal will be a key influencer in achieving strategic alignment and will have a positive impact on business value. The Senior Principal will work with leaders in the business unit to identify high-impact initiatives that drive the business strategy forward. The person in this role is also expected to be an energetic, dynamic and innovative leader and influencer, acting as an avid promoter of process improvement to enhance the productivity and performance of the assigned business area. The Senior Principal is an established and recognized figure both internally and externally. This person will represent GM Financial in the broader community and serve as a de facto ambassador for the organization. It will be important for the Senior Principal to maintain a strong network in the community and represent GM Financial well.

In this role, you will:

  • Actively participate in incident investigations, covering detection, containment, eradication, recovery, and post-incident reviews
  • Develop and enhance incident response tools, scripts, and frameworks to improve efficiency, accuracy, and scalability of detection, response and investigations
  • Conduct and enhance memory, network, host and cloud forensics, malware reverse-engineering, and automated triage
  • Create customized tactical and strategic remediation plans related to alerts and incidents identified inside the GMF landscape as well as identified in the wild
  • Convey analytical findings through finished technical reports post incident
  • Identify and codify attacker TTPs and IOCs, feeding them into detection pipelines and IR playbooks
  • Gather and analyze cybersecurity data, technology tools and risk systems to identify security exposures
  • Lead or participate in tabletop exercises, Purple Team sessions, and threat fencing simulation
  • Perform analysis of various log sources, SIEM alerts, IDS/IPS alerts, host activity, and network traffic to identify suspicious or anomalous activity
  • Stay proactively ahead of the threat landscape: monitor zero-days, vulnerabilities, and advanced persistent threats

Reporting Structure:

  • This role reports to: VP Cybersecurity Strategy and Operations

Qualifications

What makes you a dream candidate?

  • Experience with leading cross-functional and/or global initiatives from start to finish
  • Advanced knowledge of business acumen and a deep understanding of business implications of decisions
  • In-depth understanding of company values, mission, vision and strategic direction
  • Comprehensive knowledge of GM Financial's business operations
  • Recognized as an expert across the business unit
  • Experience building detection rules and associated
  • Experience with threat intelligence techniques and detection rules, and a variety of forensic analysis tools in incident response investigations to determine the extent and scope of compromise
  • Strong experience conducting or managing incident response investigations for organizations, investigating targeted threats such as the Advanced Persistent Threat, Organized Crime, and Hacktivists
  • Strong ability to independently develop and implement risk hunting methodologies
  • Skilled in network, endpoint, memory, disk, and cloud forensics, with documented lead roles in complex investigations
  • Working knowledge of global cyber threats, threat actors, adversary tactics, techniques and procedures
  • Experience with TTPs, IOCs, and the MITRE ATT&CK and RE&CT frameworks
  • Strong understanding of cloud incident response on platforms like Azure or AWS including working knowledge of how to implement logging and monitoring within them
  • Consistent experience on case management, following workflows, communicating incidents, and retrieving necessary data
  • Verifiably skilled in scripting to build or improve incident response
  • Demonstrated experience constructing and testing APIs
  • Experienced in NIST incident response roles and capabilities
  • Advanced knowledge of TCP/IP networking, OSI model and IP subnetting
  • Advanced knowledge of CI/CD and Detection as Code
  • Knowledge of analysis tools like Bro/Zeek or Suricata, Splunk SPL and ability to perform analysis of associated network logs
  • Strong understanding of secure network architecture and strong background in performing network operations
  • Strong technical understanding of application layer protocols including HTTP, SSH, SSL, and DNS and how they relate to cybersecurity
  • Technical knowledge of common network protocols and design patterns including TCP/IP, HTTPS, FTP, SFTP, SSH, RDP, CIFS/SMB, NFS
  • Advanced experience within Python, PowerShell, Bash, Jupyter and Anaconda, capable of writing modular code that can be installed on a remote system
  • Demonstrated capabilities in core data science principles
  • In-depth understanding of Windows operating systems and general knowledge of Unix, Linux, and Mac operating systems
  • Understanding of source code, hex, binary, regular expression, data correlation, and analysis such as network flow and system logs
  • Proficient with Yara and writing rules to detect similar malware samples
  • Knowledgeable of current malware techniques to evade detection and obstruct analysis
  • Understanding of the capabilities of static and dynamic malware analysis, and practical experience with static, dynamic, and automated malware analysis techniques
  • Experience writing malware reports
  • Experience with reverse engineering various file formats and analysis of complex malware samples

Experience:

  • Bachelor's Degree or Associate Degree plus 2 years of relevant experience required
  • 12 years minimum experience in related functions
  • 5-7 years experience leading through mentorship in a related field
  • 5-7 years experience driving thought leadership and innovation across products
  • Relevant certifications or licenses preferred

What We Offer: Generous benefits package available on day one to include: 401K matching, bonding leave for new parents (12 weeks, 100% paid), training, GM employee auto discount, community service pay and nine company holidays.

Our Culture: Our team members define and shape our culture. We have an environment that welcomes new ideas, fosters integrity, and creates a sense of community and belonging. Here we do more than work - we thrive.

Compensation: Competitive salary and bonus eligibility; this role is eligible for company vehicle program

Work Life Balance: Flexible hybrid work environment, 4-days a week in office
