Cyber Risk Mitigation Lead Analyst

Description Work Arrangement :

This is a Hybrid position within our IT Organization. The role will allow employees to work offsite but will also require onsite work based on business needs. The selected candidate will be expected to commute to the innovation center to which they are assigned as their primary GM facility. This position requires an employee to be onsite 1-3 times per week.

About the team:

Join the GM team and play a crucial role in fortifying the organization's cybersecurity landscape. With the Cyber Risk Mitigation Lead Analyst position, you have the opportunity to influence policies, champion change, and contribute to GM's unwavering commitment to security excellence.

What you'll do:

The Cyber Risk Mitigation Lead Analyst at GM plays a pivotal role in enhancing security measures within the organization. The GM Cyber Risk Mitigation team is dedicated to minimizing security risks within the GM environment. This involves a comprehensive approach of tracking remediation efforts, uncovering root causes, identifying emerging trends, fostering cross-functional collaboration for actionable strategies, and gauging the efficacy of risk mitigation efforts.

​ Root Cause-Centric Solutions : The Lead Analyst will spearhead proactive initiatives to implement solutions that effectively address the root causes of control gaps, bolstering GM's security posture.

Data-Driven Insights : Leveraging insights derived from analyses and data, the Lead Analyst will contribute to shaping GM's Security Awareness & Training program, ensuring its alignment with evolving security challenges.

Policy and Process Influence : The Lead Analyst will wield their knowledge to exert influence on the enhancement of policies and processes, ensuring that they remain in lockstep with the dynamic threat landscape.

Vulnerability Mitigation : Engaging with stakeholders across IT and Security, the Lead Analyst will lead efforts to swiftly mitigate exploitable vulnerabilities that present immediate risks to GM's operations.

Support and Collaboration : Collaborating closely with peers and other team members, the Lead Analyst will provide guidance, respond to inquiries, and manage escalations to facilitate seamless operations within the team.

Proactively engage stakeholders to mitigate GM's cybersecurity risks.

Collaborate with cross-functional teams to implement security solutions addressing the root causes of systemic issues.

Lead and oversee all root cause analysis activities.

Drive improvements to the root cause analysis process to enhance its effectiveness.

Provide coaching to the team during root cause investigations to ensure thorough analysis.

Engage Application Owners and stakeholders to facilitate mitigation and guide the remediation of exploitable vulnerabilities.

Perform manual testing to verify the effectiveness of mitigated vulnerabilities.

Deliver training and education to employees on risk management and compliance.

Foster the team's evolution by exemplifying leadership, aiding members in understanding their role in risk mitigation.

Additional Description Your Skills & Abilities (Required Qualifications)

Bachelor's degree in Information Systems, Information Security, Computer Science, or a relevant technical field.

3+ years of hands-on experience in security assurance, penetration testing, vulnerability management, or incident management.

7+ years in a security related role.

Demonstrated prior leadership responsibilities, showcasing the ability to effectively lead teams.

Proven experience managing multiple projects simultaneously, setting priorities, and consistently meeting deadlines.

Proficiency in identifying security weaknesses across various technologies.

Strong comprehension of network and application technologies.

Advanced knowledge of operating system and database security, including Windows, Unix, Linux, SQL, and Oracle.

Familiarity with the MITRE ATT&CK framework and CIS Controls.

Effective leadership through influence.

Established ability to work autonomously, efficiently manage workloads, and meet expectations and objectives.

Capacity to absorb, retain, and organize information from diverse sources and formats.

Skill in articulating and explaining technical security concepts to non- technical audiences.

Swift adaptability to changes in priorities or directions.

Maintains a high level of integrity when handling confidential and sensitive information.

Preferred Qualifications:

Master's degree in a relevant field.

Possession of one or more relevant security certifications, such as: CISSP, CISA, CCSP, CCNP, CWSA, CEPT, or SANS.

Experience in leading a team through root cause analysis.

Proven experience in risk management.

Demonstrated strong project management skills.

GM DOES NOT PROVIDE IMMIGRATION-RELATED SPONSORSHIP FOR THIS ROLE. DO NOT APPLY FOR THIS ROLE IF YOU WILL NEED GM IMMIGRATION SPONSORSHIP (e.g., H-1B, TN, STEM OPT, etc.) NOW OR IN THE FUTURE.

About GM

Our vision is a world with Zero Crashes, Zero Emissions and Zero Congestion and we embrace the responsibility to lead the change that will make our world better, safer and more equitable for all.

Why Join Us

We aspire to be the most inclusive company in the world. We believe we all must make a choice every day – individually and collectively – to drive meaningful change through our words, our deeds and our culture. Our Work Appropriately philosophy supports our foundation of inclusion and provides employees the flexibility to work where they can have the greatest impact on achieving our goals, dependent on role needs. Every day, we want every employee, no matter their background, ethnicity, preferences, or location, to feel they belong to one General Motors team.

Total Rewards Benefits Overview

From day one, we're looking out for your well-being–at work and at home–so you can focus on realizing your ambitions. Learn how GM supports a rewarding career that rewards you personally by visiting Total Rewards resources.

Diversity Information

General Motors is committed to being a workplace that is not only free of discrimination, but one that genuinely fosters inclusion and belonging. We strongly believe that workforce diversity creates an environment in which our employees can thrive and develop better products for our customers. We understand and embrace the variety through which people gain experiences whether through professional, personal, educational, or volunteer opportunities. GM is proud to be an equal opportunity employer.

We encourage interested candidates to review the key responsibilities and qualifications and apply for any positions that match your skills and capabilities.

Equal Employment Opportunity Statements

The policy of General Motors is to extend opportunities to qualified applicants and employees on an equal basis regardless of an individual's age, race, color, sex, religion, national origin, disability, sexual orientation, gender identity/expression or veteran status. Additionally, General Motors is committed to being an Equal Employment Opportunity (EEO) Employer and offers opportunities to all job seekers including individuals with disabilities. If you need a reasonable accommodation to assist with your job search or application for employment, email us at [email protected] or call us at 800-865-7580. In your email, please include a description of the specific accommodation you are requesting as well as the job title and requisition number of the position for which you are applying.