Cybersecurity Team Lead
GM Financial
Date Posted: 4/19/2025
Remote Work Level: Hybrid Remote
Location: Hybrid Remote in Irving, TX
Job Type: Employee
Job Schedule: Full-Time
Career Level: Manager
Travel Required: No specification
Education Level: Bachelor's/Undergraduate Degree, Professional Certification
Salary: We're sorry, the employer did not include salary information for this job.
Categories: IT, Software Engineer, Product Manager, Project Manager, Cyber Security
Benefits: Parental Leave, Retirement Savings, Education Assistance, Paid Holidays, Career Development, Community Service
About the Role
Title: Cybersecurity Team Lead
Location: Irving United States
Job Description:
- Irving, Texas
- Cybersecurity
- 49204
Overview
Opportunity to work in a hybrid model: Potential to work 4 days onsite and 1 day remote
Why GMF Cybersecurity?
Our Cybersecurity team is tasked with the security engineering, regulatory response, third-party risk, and incident response capabilities necessary to secure GM Financial, the captive auto finance subsidiary of General Motors. Reporting directly to the CEO, our Cybersecurity team enjoys unprecedented support to deliver the highest level of security capabilities using cutting-edge technologies and automating mundane tasks, allowing our teams to focus on interesting and rewarding security work. As a part of GM Financial, you’ll have the opportunity to work on Cybersecurity projects across financial services, automotive, manufacturing, high-tech, and military industries. We are looking for team players who want the freedom to innovate leading-edge capabilities to join our growing Cybersecurity team.
Responsibilities
About the role:
The Cybersecurity Incident Response Team Lead is responsible for identifying and mitigating threats to the corporate network, corporate assets and corporate users to ensure the security of company systems and information assets, while also managing a portion of the GM Financial (GMF) Cybersecurity Program designed to advise the organization on its management of Cybersecurity risk by supporting risk-based management decisions. This includes leading investigations into security threats, working with internal and external groups to ensure the Cybersecurity program is operating effectively and efficiently, and developing strong partnerships across the enterprise to ensure information assets are protected at the appropriate level. Additionally, this team member will be responsible, as necessary, for the technical implementation of systems and communication of security requirements to management and security leadership.
Job Duties:
- Lead and coordinate investigation and response activities to potential security events and user inquiries from multiple sources
- Investigate security events from detection to resolution, engaging in any containment, eradication and recovery actions as needed
- Perform analysis of various log sources, SIEM alerts, IDS/IPS alerts, host activity, and network traffic to identify suspicious or unauthorized activity
- Write ad-hoc searches and custom detections within a SIEM to find relevant information
- Participate in the on-call rotation for responding to various cybersecurity incidents
- Review and coordinate implementation of security solutions aimed to enhance incident response capabilities
- Ability to approach problems with an open mind, think strategically and make collaborative decisions
- Strong presentation expertise, and the ability to coordinate and conduct meetings
- Communicates quickly, clearly, concisely, appropriately and intelligently
- Effective planning, time management, negotiation and delegation skills
Qualifications
What makes you a dream candidate:
- Knowledge of Leadership and Management of a technical team of engineers
- Working knowledge of management processes such as personnel administration, planning, and budgeting
- Familiarity with vendors, project expenses and purchasing requisitions
- Strong technical skills and hands-on experience in Cybersecurity as it relates to alert triage, ongoing monitoring, detection, investigation, and incident response activities
- Understanding of Cybersecurity concepts such as Endpoint security, Network security, Cloud security, Data Loss Prevention/Data Privacy, and Web/Email security
- Knowledge of the latest security and privacy legislation, regulations, advisories, alerts, exploits, and vulnerabilities
- Advanced understanding of the NIST Incident Response Life Cycle and the MITRE ATT&CK Framework
- Strong knowledge of the OSI model and security that is associated with each layer
- Advanced knowledge of core Information Technology concepts such as TCP/IP networking, Windows & Active Directory, Unix/Linux/Mac, web/email traffic, microservice architecture, and using a command line interface (CLI)
- Possess strong understanding of cloud providers, technologies, and concepts
- Understanding of Agile and DevOps environments
- Demonstrated success in project management
- Experience in scripting and automation in widely used languages such as Python or PowerShell is a plus
Experience & Education:
- Bachelor’s Degree in related field or equivalent work experience strongly preferred
- 5-7 years of experience in large and complex business environments with a successful track record working directly with senior level management and at least 3 years of experience in one or more of the following domains: Cybersecurity, Network Engineering or Operations, Information Technology, Application Development, Access Control, Security Governance, Risk Management, Software Development Security, Cryptography, Security Architecture and Design, Operational Security, Business Continuity & Disaster Recovery, Legal Regulations, Investigations and Compliance, Physical (Environmental) Security, IT or Security Audit, IT or Security Compliance preferred
- 2-3 years of experience securing cloud deployments on common platforms like Microsoft Azure, Amazon Web Services or Google Cloud Platform preferred
- Experience with deploying environments by defining infrastructure as code (IaC) preferred
- Experience in developing custom detections and logic to identify suspicious activity, specific attacks, and exploits
- Cybersecurity related certifications strongly preferred
- GCFA, GCIH, GCIA, GCFE, CISSP
What We Offer: Generous benefits package available on day one to include: 401K matching, bonding leave for new parents (12 weeks, 100% paid), tuition assistance, training, GM employee auto discount, community service pay and nine company holidays.
Our Culture: Our team members define and shape our culture — an environment that welcomes innovative ideas, fosters integrity, and creates a sense of community and belonging. Here we do more than work — we thrive.
Compensation: Competitive pay and bonus eligibility
Work Life Balance: Flexible hybrid work environment, 4 days a week in office
All Veterans are welcome to apply.
GM Financial is an Equal Opportunity Employer and is committed to diversity and inclusion at every level of our organization. We do not discriminate against any applicant or employee based on race, color, age, gender, national origin, religion, sexual orientation, gender identity, veteran status, disability or any other federal, state or local protected class.
GM Financial has an accommodation process in place and provides accommodations for applicants and employees with disabilities. If you require a reasonable accommodation because of a disability, please contact Human Resources at 1-866-411-4748 or by e-mail at HRConnection@gmfinancial.com.