Opportunity to work in a hybrid model: Potential to work 4 days onsite and 1 day remote Why GM Financial Cybersecurity?
Our Cybersecurity team is tasked with the security engineering, regulatory response, third party risk, and incident response capabilities necessary to secure GM Financial, the captive auto finance subsidiary of General Motors. Reporting directly to the CEO, our Cybersecurity team enjoys unprecedented support to deliver the highest level of security capabilities using cutting edge technologies and automating mundane tasks, allowing our teams to focus on interesting and rewarding security work. As a part of GM, you will have the opportunity to work on Cybersecurity projects across financial services, automotive, manufacturing, high-tech, and military industries. We are looking for team players who want the freedom to innovate leading edge capabilities to join our growing Cybersecurity team. Responsibilities
About the role:
You are responsible for assessing risk and developing and delivering a comprehensive Cybersecurity program for GM Financial. As a Principal Technical Architect, you will be at the forefront of systems architecture design and implementation including applications, data, and emerging technology domains. A successful Principal Technical Architect can translate business requirements into specific systems, applications, or process designs for large, complex IT solutions. This position requires a leader who can identify current and future risks, works well with others, and performs in challenging situation s .Qualifications
What makes you a dream candidate?
- Efficiently and effectively identify gaps and quantify risks (current and emerging), including the security and operational costs and the impact to the enterprise business processes
- Develop viable and supportable solutions according to those risk s , creating security requirements and strategies for identit y and access, infrastructure and network, logging and monitoring, application and software development, data , and endpoints
- Assess the capabilities of GMF’s technologies and how they play a role in the security posture to recommend short-term and long-term roadmaps to mature and maintain GMF’s overall security effectiveness
- Partner with IT and the business in capturing requirements to develop a viable technical architecture that securely enables the expected business functionality
- Create, integrate, and validate the technical designs as secure patterns in support of identity and access, infrastructure and network, logging and monitoring, application and software development, data, and endpoints, supporting business intelligence , functions, and processes
- Adapt and transform established frameworks to aid in the maturing and optimization of security controls and services, or recommend alternatives to increase the security posture while optimizing ROI
- Exhibit a detailed understanding of information technology, operating systems, protocols, cloud and on-premises networking, endpoint security, databases, cloud orchestration, and automation solutions
- Articulate an a dvanced knowledge with designing and/ or implementing secure Cloud environments , through cloud identities ; software-defined and borderless networks ; serverless , container, and composable architectures; and other security controls and technologies
- Integrate security requirements with identity stores, relational databases, application servers, and physical access management systems
- Apply authentication and authorization solutions for IAM (Identity & Access Management) like SSO, OAuth, MFA, Vaulting Secrets, and PAM (Privileged Access Management)
- Engage in complex problem solving throughout the SDLC, overseeing, from a security perspective, the build , test, and deployment processes, supporting and advocating for secure automation, and system monitoring performed by the Cybersecurity business partners
- Design and develop controls , patterns, and strategies to identify and address security gaps in deployed infrastructure, software , applications , and data systems
- Validate the secure design and implementation of deployed software and applications to ensure appropriate use of APIs, data stores and models, web and app services, microservices and containers, and APKs through effective risk management and mitigation
- Bachelor’s Degree in related field or equivalent experience required
- Greater than 10 years’ experience in the security or diverse technologies and processing environments required
- 3-5 years’ experience as Lead Security Architect, Network Architect, Solutions Architect, or similar role required
- 3-5 years’ experience working with a geographically dispersed teams required
- CISSP, CISM, CISA, SANS GIAC, CGEIT, CRISC, GSEC, ITL, PMP or Agile Upon Hire preferred
What We Offer : Generous benefits package available on day one to include: 401K matching, bonding leave for new parents (12 weeks, 100% paid), tuition assistance, training, GM employee auto discount, community service pay and nine company holidays.
Our Culture: Our team members define and shape our culture. We have an environment that welcomes new ideas, fosters integrity, and creates a sense of community and belonging. Here we do more than work — we thrive.
Compensation: Competitive salary and bonus eligibility; this role is eligible for company vehicle program
Work Life Balance: Flexible hybrid work environment, 4-days a week in office