GM Financial

  • Cybersecurity Engineer

    Job Locations US-TX-Arlington
    Requisition ID
    2019-36572
    Employee Type
    Full Time-Regular
    Category
    Information Technology
    Travel
    0-10%
  • Overview

    The Cybersecurity Engineer is responsible for developing, deploying, monitoring, tuning, evaluating, reporting and maintaining systems and procedures and to identify and mitigate threats to the corporate network, corporate assets, applications, and corporate users. This team member will identify core requirements, design and implement security technologies, and work with the stakeholders to perform scanning and detection of vulnerabilities within applications and source code. This team member will be responsible for both secure implementation of applications and communication of security requirements to management and project teams. The team member will be responsible for developing and maintaining efficient secure programs and scripts that support the operations and data collection of cybersecurity systems. 

    Responsibilities

    JOB DUTIES

    • Prepares technical requirements and standards
    • Assists in the identification, engineering and designing of security technologies including, but not limited to: Security Incident and Event Managers (SIEM) and threat intelligence solutions, Web filtering (proxy, network AV), Intrusion Detection and Prevention Systems (IDS/IPS), Endpoint security solutions, Data Loss Prevention (DLP), Vulnerability Management (VM), Threat Intelligence and Threat Detection, Web Application Firewalls (WAF), Email Gateways, Breach Mitigation, Certificate Management, SSL encryption and decryption, Identity Management, Cloud Security, Database Security, Web Gateways, VPNs and Firewalls
    • Performs analysis of system logs to identify unauthorized use or access
    • Creates, analyzes and communicates security metrics to leadership
    • Participates in emergency response team activities for responding to various security incidents
    • Provides in-depth support for information security incidents including internal violations, hacker attacks, virus and system outages
    • Prepares and updates information procedures, standards and/or other technical requirement documents
    • Participates in periodic information systems risk assessments
    • Develops detailed proposals and plans for new information security systems that would enhance or enable new capabilities for network or host systems
    • Recommends and evaluates security tools to identify more efficient and effective security measures
    • Perform other duties as assigned
    • Conform with all company policies and procedures

    Qualifications

    Knowledge

    • Local and wide area networking concepts, principles and protocols
    • Advanced knowledge in Infrastructure design and management
    • Working knowledge of management processes such as personnel administration, planning and budgeting
    • Strong working knowledge of Intel platforms, iSeries and pSeries servers
    • Advanced understanding of IT Service Management (ITSM) best practices and processes
    • Experience with UML Design Tools
    • Advanced knowledge of TCP/IP, OSI model and imp subnetting
    • High level understanding of technology infrastructure, security concepts and platforms
    • Demonstrated success in project management
    • Advanced knowledge of IBM pSeries hardware, operating systems and TSM backup infrastructure
    • Advanced knowledge of the OSI model and security that is associated with each layer
    • Understanding of routing and switching protocols as they relate to load balancing
    • Strong understanding of application layer protocols including HTTP, SSH, SSL and DNS
    • Knowledge and stay abreast on the latest security and privacy legislation, regulations, advisories, alerts and vulnerabilities
    • Knowledge of IT security processes and controls as well as IT infrastructure and networking technical knowledge
    • Proven expertise developing custom rule sets for tools to identify specific attacks and exploits based on feedback and requirements from business stakeholders including Compliance and Legal Counsel
    • Possess understanding of cloud technologies and concepts
    • Experience securing cloud deployments on common platforms like Microsoft Azure, Amazon Web Services, or Google Cloud Platform
    • Experience with deploying environments by defining infrastructure as code (IaC)
    • Experience with securing container deployments, Kubernetes, managed Kubernetes PaaS services, Agile environments, and DevOps environments
    • Experience with managing infrastructure through CI/CD pipelines
    • Knowledge of Linux operating systems and microservice architecture
    • Background in scripting and automation in widely used languages such as Python, Go, Ruby, etc
    • Detailed knowledge of declarative IaC approaches and immutable infrastructure is a plus
    • Familiarity with Terraform is a plus

    Skills

    • Ability to think strategically and make collaborative decisions
    • Ability to apply structured analysis methods to various types of data to establish trends, determine variability and business impact
    • Communicates quickly, clearly, concisely, appropriately and intelligently
    • Foster open communication, speaks with impact, listens to others and writes effectively
    • Experience with alternate management methods using SSH, serial connections and the command-line interface TMSH
    • Ability to effectively negotiate with vendors on upgrades and acquisitions
    • Effective planning, time management, negotiation and delegation skills
    • Expert level IT security processes and controls knowledge as well as IT infrastructure and networking technical knowledge
    • Ability to approach problems with an open-mind and create new and innovative ideas and methods
    • Advanced technical writing
    • Experience in documentation tools such as Visio and Microsoft Office products
    • Advanced information security standards/frameworks (ie, NIST Cybersecurity Framework, ISO 27001) skills
    • Advanced experience with Network and VLAN segmentation
    • Strong analytical skills
    • Ability to approach problems with an open-mind, use existing information and resources
    • Creative, Innovative, problem-solving and maximizing your potential to solve problems and improve methods
    • Think positively when faced with obstacles, build on others ideas, think logically and intuitively
    • Detailed oriented

    Education

    • Bachelor’s Degree in related field or equivalent work experience strongly preferred

    Experience

    • Minimum of 1-5 years of experience in large and complex business environments with a successful track record working directly with senior level management preferred

    Licenses

    • Cybersecurity related certifications strongly preferred

    Working Conditions

    • Normal office environment subject to stressful situations
    • Flexible schedule with possibility of working long hours including weekends/holidays, occasional overtime or split shifts may be required
    • Limited travel may be required to support business needs, including international travel

    #LI-EM1

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed

    Need help finding the right job?

    We can recommend jobs specifically for you! Click here to get started.