GM Financial

Associate Cybersecurity Engineer

Job Description

Posted on: 
May 19, 2024

The Associate Cybersecurity Engineer is responsible for maintaining and building upon a fundamental skill set in alert triage, on-going monitoring, detection, investigation, and incident response activities to identify and mitigate threats to the corporate network, assets, and users. This team member will collaborate with stakeholders to perform on-going alerting and tuning on various technologies. Security technologies may include but are not limited to: Data Loss Prevention (DLP), Security Incident Event Management (SIEM), User and Entity Behavior Analytics (UEBA), Intrusion Detections System (IDS)/Intrusion Prevention System (IPS), Endpoint Detection and Response (EDR), Network Detection and Response (NDR), Security Orchestration, Automation and Response (SOAR), and Web/Email Security Products.


  • Triage, investigate, escalate, and assist with alerts and incidents from multiple sources of varying technical levels
  • Investigate security incidents from detection to resolution, engaging in any containment, eradication and recovery actions as needed
  • Write and execute search commands within a SIEM to find relevant information
  • Navigate various security products and solutions for pertinent data and insights
  • Develop custom rules and detections using Regular Expression (Regex) and YARA
  • Remain up to date on the latest Cybersecurity trends and tactics, techniques, and procedures (TTP)
  • Attention to detail and ability to formulate decisions based on evidence gathering
  • Perform other duties as assigned
  • Conform with all company policies and procedures

Job Requirements


  • Strong technical skills and hands on experience in Cybersecurity as it relates to alert triage, on-going monitoring, detection, investigation, and incident response activities
  • Understanding of Cybersecurity concepts such as Endpoint security, Network security, Cloud security, Data Loss Prevention/Data Privacy, and Web/Email security
  • Familiarity with the NIST Incident Response Life Cycle and the MITRE ATT&CK Framework
  • Strong knowledge of the OSI model and security that is associated with each layer
  • Strong knowledge of core Information Technology concepts such as TCP/IP networking, Windows & Active Directory, Unix/Linux/Mac, web/email traffic fundamentals, and using a command line interface (CLI)
  • Possess understanding of cloud providers, technologies, and concepts
  • Understanding of Agile and DevOps environments
  • Experience with scripting languages such as Python, Go, Ruby, PowerShell, etc


  • Demonstrated ability to communicate across multiple levels of stakeholders
  • Ability to document and summarize technical evidence and findings
  • Good interpersonal, verbal, and written communication skills across various mediums
  • Detail oriented with good time and analytical skills
  • Ability to exercise prudent judgment and offer knowledgeable recommendations
  • Ability to work both independently and in a team environment
  • Ability to manage multiple projects, tasks, and investigations
  • Ability to work in sensitive situations
  • Be a reputable representative of the department

Education & Experience

  • Bachelor’s Degree or equivalent experience preferred
  • Working knowledge in one or more of the following domains: Cybersecurity, Cloud Computing, Network Engineering, Network Operations, Information Technology Support, System Administrator, Data Science, Software Development preferred
  • 0-2 years of experience in large, complex, and global business environment preferred
  • Cybersecurity related Certifications strongly preferred

Apply now

More job openings