Senior Principal Cybersecurity Engineer, Incident Response jobs in United States
cer-icon
Apply on Employer Site
company-logo

GM Financial · 2 weeks ago

Senior Principal Cybersecurity Engineer, Incident Response

positionArlington, TX
timeFull-time
remoteHybrid
senioritySenior Level, Lead/Staff
date12+ years exp

GM Financial is a company focused on innovation within the cybersecurity domain. They are seeking a Senior Principal Cybersecurity Engineer to lead their Incident Response team, where the individual will influence business strategy and enhance productivity through technical leadership and process improvement.

Finance
check
Comp. & Benefits
check
H1B Sponsor Likelynote

Responsibilities

Actively participate in incident investigations, covering detection, containment, eradication, recovery, and post-incident reviews
Develop and enhance incident response tools, scripts, and frameworks to improve efficiency, accuracy, and scalability of detection, response and investigations
Conduct and enhance memory/network/host/cloud forensics, malware reverse-engineering, and automated triage
Create customized tactical and strategic remediation plans related to alerts and incidents identified inside the GMF landscape as well as identified in the wild
Convey analytical findings through finished technical reports post incident
Identify and codify attacker TTPs and IOCs, feeding them into detection pipelines and IR playbooks
Gather and analyze cybersecurity data, technology tools and risk systems to identify security exposures
Lead or participate in tabletop exercises, Purple Team sessions, and threat fencing simulation
Perform analysis of various log sources, SIEM alerts, IDS/IPS alerts, host activity, and network traffic to identify suspicious or anomalous activity
Stay proactively ahead of the threat landscape—monitor zero-days, vulnerabilities, and advanced persistent threats

Qualification

Incident responseForensicsThreat intelligenceScriptingCloud incident responseTCP/IP networkingDetection rulesMalware analysisData science principlesSoft skills

Required

Experience with leading cross-functional and/or global initiatives from start to finish
Advanced knowledge of business acumen and a deep understanding of business implications of decisions
In-depth understanding of company values, mission, vision and strategic direction
Comprehensive knowledge of GM Financial's business operations
Recognized as an expert across the business unit
Experience building detection rules and associated
Experience with threat intelligence techniques and detection rules, and a variety of forensic analysis tools in incident response investigations to determine the extent and scope of compromise
Strong experience conducting or managing incident response investigations for organizations, investigating targeted threats such as the Advanced Persistent Threat, Organized Crime, and Hacktivists
Strong ability to independently develop and implement risk hunting methodologies
Skilled in network, endpoint, memory, disk, and cloud forensics—with documented lead roles in complex investigations
Working knowledge of global cyber threats, threat actors, adversary tactics, techniques and procedures
Experience with TTPs, IOCs, and the MITRE ATT&CK and RE&ACT framework
Strong understanding of cloud incident response on platforms like Azure or AWS including working knowledge of how to implement logging and monitoring within them
Consistent experience on case management, following workflows, communicating incidents, and retrieving necessary data
Verifiably skilled in scripting to build or improve incident response
Demonstrated experience constructing and testing APIs
Experienced in NIST incident response roles and capabilities
Advanced knowledge of TCP/IP networking, OSI model and IP subnetting
Advanced knowledge of CI/CD and Detection as Code
Knowledge of analysis tools like Bro/Zeek or Suricata, Splunk SPL and ability to perform analysis of associated network logs
Strong understanding of secure network architecture and strong background in performing network operations
Strong technical understanding of application layer protocols including HTTP, SSH, SSL, and DNS and how they relate to cybersecurity
Technical knowledge of common network protocols and design patterns including TCP/IP/ HTTPS/ FTP, SFTP, SSH, RDP, CIFS/SMB, NFS
Advanced experience within Python, PowerShell, Bash, Jupyter and Anaconda, capable of writing modular code that can be installed on a remote system
Demonstrated capabilities in core data science principles
In-depth understanding of Windows operating systems and general knowledge of Unix, Linux, and Mac operating systems
Understanding of source code, hex, binary, regular expression, data correlation, and analysis such as network flow and system logs
Proficient with Yara and writing rules to detect similar malware samples
Knowledgeable of current malware techniques to evade detection and obstruct analysis
Understanding of the capabilities of static and dynamic malware analysis, and practical experience with static, dynamic, and automated malware analysis techniques
Experience writing malware reports
Experience with reverse engineering various file formats and analysis of complex malware samples
Bachelor's Degree or Associate Degree plus 2 years of relevant experience required
12 years minimum experience in related functions
5-7 years experience leading through mentorship in a related field
5-7 years experience driving thought leadership and innovation across products

Preferred

Relevant certifications or licenses preferred

Benefits

401K matching
Bonding leave for new parents (12 weeks, 100% paid)
Training
GM employee auto discount
Community service pay
Nine company holidays

Company

GM Financial

twittertwittertwitter
Glassdoor3.9
company-logo
GM Financial is the captive finance company and a wholly-owned subsidiary of General Motors Company.
dateFounded in 1992
location
Fort Worth, Texas, USA
people-size5001-10000 employees
web-link
https://www.gmfinancial.com/

H1B Sponsorship

GM Financial has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (101)
2024 (91)
2023 (86)
2022 (81)
2021 (55)
2020 (50)

Funding

Current Stage
Late Stage
Total Funding
unknown
2010-09-29Acquired

Leadership Team

leader-logo
Katie DeGraaf
Senior Vice President, OnStar Insurance, Product & Telematics
linkedin
leader-logo
Ross Reichardt
AVP - OnStar Insurance
linkedin

Recent News

MEXICONOW
Chevrolet Debuts New Plug-in Hybrid Captiva in Mexico
2025-11-12
PR Newswire
Drivers Can Save Now on Their Buick Model Purchase
2025-11-04
Just-Auto
GM withdraws plan to extend EV tax credits after policy scrutiny – report
2025-10-10
Company data provided by crunchbase