Associate Cybersecurity Engineer
GM Financial · Arlington, TX · 3 wk ago
HybridInformation TechnologyFull-time
Responsibilities
This Associate Cybersecurity Engineer role at GM Financial focuses on vulnerability management and application security within a highly visible, mission-driven security organization. The role partners closely with engineering and DevOps teams to identify, assess, and remediate vulnerabilities across enterprise systems and cloud-based applications, integrating security controls into CI/CD pipelines and modern DevSecOps workflows.
The position emphasizes hands-on work with vulnerability management platforms, application security tools, WAFs, and secure coding practices, while also contributing to risk assessments, incident response, and security reporting for leadership.
Qualifications
- Understanding of vulnerability management processes, CVSS scoring, and remediation strategies.
- Experience with application security tools (e.g., Veracode, Checkmarx, Burp Suite, OWASP ZAP).
- Knowledge of secure software development lifecycle (SDLC) and DevSecOps principles.
- Familiarity with container security, Kubernetes, and cloud-native application security.
- Familiarity securing cloud environments (AWS, Azure, GCP) and implementing IaC security controls (Terraform, CloudFormation).
- Scripting and automation (Python, Bash, or similar) for vulnerability scanning and remediation workflows.
- Understanding of networking fundamentals, TCP/IP, OSI model, and application layer protocols (HTTP, SSL/TLS, DNS).
- Knowledge of security frameworks and standards (NIST CSF, ISO 27001, OWASP Top 10).
- Analytical skills for interpreting vulnerability data and assessing business impact.
- Excellent communication skills for collaborating with developers, operations teams, and leadership.
Additional Knowledge and Skills
- Working effectively within an AI enabled environment:
- Ability to use AI tools (e.g., Microsoft Copilot) to support daily work.
- Skills in evaluating AI outputs for accuracy, compliance, and bias.
- Experience integrating AI into workflows to improve efficiency or insights.
- Familiarity with AI assisted research, summarization, and content generation.
- Understanding of responsible AI use, including ethics and data protection.
Work Experience & Education
- 0-2 years of experience in large and complex business environments with a successful track record working directly with senior level management preferred.
- 0-2 years of experience in one or more of the following domains: Cybersecurity, Information Security, Network Engineering, or Network Operations, Information Technology, Application Development preferred.
- High School Diploma or equivalent required.
- Bachelor’s Degree in related field or equivalent work experience strongly preferred.
Licenses and Certifications
- One or more security related certifications, such as CISSP, CCNP-Security, GIAC, CEH, or CPTS highly preferred.