Associate Cybersecurity Engineer

at  GM Financial

Overview:
The Associate Cybersecurity Engineer is responsible for developing, deploying, monitoring, tuning, evaluating, reporting and maintaining systems and procedures; and to identify and mitigate threats to the corporate network, corporate assets, and corporate users. This team member will identify core requirements, design and implement security technologies, and work with stakeholders to perform ongoing tuning and alerting on those technologies. Security technologies may include, but are not limited to: Data Loss Prevention (DLP), Security Incident Event Management (SIEM), User Behavior Analytics, Host Intrusion Prevention (HIPS), and Web/Email Gateway. This team member will be responsible for both technical implementation of systems and communication of security requirements to management and security leadership. Additionally, this team member will be responsible, as necessary, with assisting in investigations into security threats.
Responsibilities:

KNOWLEDGE

• Strong technical skills and hands on experience in information security as it relates to server security, client security, user security, network communications and data storage
• Practical experience implementing security solutions and performing initial tuning and monitoring in the environment
• Demonstrated expertise developing custom rule sets for tools to identify specific attacks and exploits based on feedback and requirements from business stakeholders including Compliance and Legal Counsel
• Practical experience scaling solutions to meet enterprise sizing requirements and performing tuning to manage the amount of alerting that occurs
• Strong knowledge of core Information Technology concepts such as TCP/IP networking, Windows & Active Directory, Unix/Linux, Mainframe, Cloud Service Providers, Relational Databases, Data Warehouses and filesystems
• Strong knowledge of IT technologies and methods to secure them, specifically for databases, SharePoint, storage area networking, cloud-based storage and data warehouses
• Practical experience with data loss, data privacy, regulatory requirements
• Strong knowledge of the OSI model and security that is associated with each layer
• Possess understanding of cloud technologies and concepts
• Understanding of Agile and DevOps environments
• Experience with scripting languages such as Python, Go, Ruby, etc
• Familiarity with infrastructure as code (IaC), Linux operating systems, and immutable infrastructure is a plus

SKILLS

• Experience in setting appropriate priorities for tasks to be accomplished based on project plans and management priorities are required
• Demonstrated ability to communicate across multiple levels of stakeholders
• Ability to interpret and document business and technical requirements
• Good interpersonal, verbal and written communication skills
• Detail oriented with good time and analytical skills
• Ability to exercise prudent judgment and offer knowledgeable advice
• Ability to work both independently and in a team environment
• Ability to manage multiple projects and tasks
• Ability to manage production sensitive situations
• Be a reputable representative of the department

EDUCATION

• Bachelor’s Degree or equivalent experience preferred

EXPERIENCE

• 0-2 years of experience in large and complex business environments with a successful track record working directly with senior level management with working knowledge in one or more of the following domains: Cybersecurity, Information Security, Network Engineering, or Network Operations, Information Technology, Application Development preferred
• 0-2 years of hands on experience supporting requirements of a large, global enterprise environment preferred

• Responsible for maintaining and building upon a fundamental skill set in regards to Cybersecurity triage, investigation and response activities
• Track and own security incidents from detection to resolution, engaging in any containment, eradication and recovery actions as needed
• Attention to detail and ability to formulate decisions based on evidence gathering
• Ability to triage alerts and incidents of various technical levels
• Exposure to Data Loss Prevention, Phishing, Malware, Network Traffic, Host-based forensics and other Cybersecurity principles
• Understanding of incident response processes and procedures; familiarity with NIST framework
• Familiarity with network and host-based best-practices for securing and protecting data and assets
• Perform other duties as assigned
• Conform with all company policies and procedures
  Qualifications: