Cyber Security Incident Analyst

Description

This is a Hybrid position. The role will allow employees to work offsite but will also require onsite work based on business needs. The selected candidate will be expected to commute to the innovation center to which they are assigned as their primary GM facility. This position requires an employee to be onsite 1-3 times per week.

The Cyber Security Incident Analyst is a technical leadership position which requires leading the definition and implementation of GM Cyber Security technology direction, standards or technology roadmaps across GM business units or multi-functional IT organizations minimally within one security domain.

About the role:

The Cyber Security Incident Analyst role is responsible for in-depth analysis of security events discovered by the Event Analyst. After detection, an Incident Analyst must be able to apply his/her experience and expertise in various system and networking technologies to determine if an incident has occurred. If an incident has occurred, the Incident Analyst will follow detailed operational processes and procedures to escalate and assist in gathering of evidence for information security incidents. Additionally, the Incident Analyst will serve as a shift lead to provide in-depth analysis, escalation and call-outs, and mentor the Event Analyst. Other responsibilities will include participating in detection planning and researching of detection techniques.

The Incident Analyst will be asked to perform the following major tasks:

Provide 24x7 security monitoring coverage with on-call off hours support.

Research various security events using his/her knowledge, research tools, and threat intelligence to determine when an incident has occurred.

Analyze “sweeps” the IT environment looking for indicators of compromise.

Follow detailed operational process and procedures to appropriately triage, analyze, and escalate critical information security event.

Consume threat intelligence to proactively detect threats to the GM IT infrastructure.

Develop new event detection signatures and techniques based on threat research and observations across networking/host/application systems.

Evaluate technologies for use in detecting security events and incidents.

Additional Description

Minimum Qualifications:

Bachelor's degree in Information Security, Computer Science, Information Systems, or relevant work experience.

5+ years working within the information security field, with emphasis on security operations, incident management, intrusion detection, and/or security event analysis.

Possess strong analytical skills - able to efficiently evaluate data sources and communicate analysis effectively.

Demonstrated ability to create tactical, ad hoc scripts to supplement existing tool base as needed.

Experience using network security monitoring tools (IDS events, flow tracking, packet loggers, etc) and with the techniques required to properly analyze and respond to information security events.

Experience evaluating suspect assets using forensics applications and other host based tools (file, memory, and disk analyzers).

Experience with security operations in a cloud environment such as Azure, AWS or GCP.

Great customer service skills.

Advanced written and verbal communication skills.

Demonstrated ability to work in a team environment, able to coach and mentor other team members.

Preferred Qualifications:

Security industry certifications are a plus, e.g. CISSP, GCIA, SC-200.

5+ years experience in security monitoring / security operations.

Working knowledge of SIEM and/or log-based detection technologies.

In depth knowledge of EDR systems.

Strong project management skills.

About GM

Our vision is a world with Zero Crashes, Zero Emissions and Zero Congestion and we embrace the responsibility to lead the change that will make our world better, safer and more equitable for all.

Why Join Us

We aspire to be the most inclusive company in the world. We believe we all must make a choice every day – individually and collectively – to drive meaningful change through our words, our deeds and our culture. Our Work Appropriately philosophy supports our foundation of inclusion and provides employees the flexibility to work where they can have the greatest impact on achieving our goals, dependent on role needs. Every day, we want every employee, no matter their background, ethnicity, preferences, or location, to feel they belong to one General Motors team.

Total Rewards Benefits Overview

From day one, we're looking out for your well-being–at work and at home–so you can focus on realizing your ambitions. Learn how GM supports a rewarding career that rewards you personally by visiting Total Rewards resources.

Diversity Information

General Motors is committed to being a workplace that is not only free of discrimination, but one that genuinely fosters inclusion and belonging. We strongly believe that workforce diversity creates an environment in which our employees can thrive and develop better products for our customers. We understand and embrace the variety through which people gain experiences whether through professional, personal, educational, or volunteer opportunities. GM is proud to be an equal opportunity employer.

We encourage interested candidates to review the key responsibilities and qualifications and apply for any positions that match your skills and capabilities.

Equal Employment Opportunity Statements

The policy of General Motors is to extend opportunities to qualified applicants and employees on an equal basis regardless of an individual's age, race, color, sex, religion, national origin, disability, sexual orientation, gender identity/expression or veteran status. Additionally, General Motors is committed to being an Equal Employment Opportunity (EEO) Employer and offers opportunities to all job seekers including individuals with disabilities. If you need a reasonable accommodation to assist with your job search or application for employment, email us at [email protected] or call us at 800-865-7580. In your email, please include a description of the specific accommodation you are requesting as well as the job title and requisition number of the position for which you are applying.