Gm Legal Jobs (NOW HIRING)

Why GMF Cybersecurity?

Innovation isn't just a talking point at GM Financial, it's how we operate. By joining our team, you'll work in a mission-focused environment with specialized teams, including Engineering, Threat Intelligence, Vulnerability Management, Incident Response, Firewall, Governance, Risk, Architecture and Offensive Security. These teams collaborate to identify, manage and respond to threats, all while driving innovation across the environment.

Cybersecurity is central to our strategic vision, so you'll benefit from exceptional leadership visibility, with direct reporting lines to the CEO. This structure ensures your work is recognized and supported at the highest levels, while also enabling bold innovation and the adoption of cutting-edge technologies.

Shape the future of Cybersecurity at GM Financial, with the freedom to explore, the tools to build and the support to thrive. 

This position will be posted until filled.

Experience

• 0-2 years of experience in large and complex business environments with a successful track record working directly with senior level management with working knowledge in one or more of the following domains: Access Control, Telecom and Network Security, Cybersecurity Governance, Risk Management, Software Development Security, Cryptography, Security Architecture and Design, Operational Security, Business Continuity & Disaster Recovery, Legal Regulations, Investigations and Compliance, Physical (Environmental) Security, IT or Security Audit, IT or Security Compliance preferred
• 0-2 years of experience in the financial services industry preferred
• 0-2 years of demonstrable experience leading collaborative programs and projects with senior level management required
• High School Diploma or equivalent required
• Bachelor's Degree or equivalent experience strongly preferred

Licenses and Certifications

• Information Security Certifications strongly preferred

What We Offer: Generous benefits package available on day one to include: 401K matching, bonding leave for new parents (12 weeks, 100% paid), tuition assistance, training, GM employee auto discount, community service pay and nine company holidays.

Our Culture: Our team members define and shape our culture - an environment that welcomes innovative ideas, fosters integrity, and creates a sense of community and belonging. Here we do more than work - we thrive.

Compensation: Competitive pay and bonus eligibility.

Work Life Balance: Flexible hybrid work environment, 4-days a week in office.

NOTE: We are unable to consider candidates who require visa sponsorship for this position

This position is not open to agency submissions

About the role: 

The Associate Cybersecurity Analyst is responsible for supporting the execution of the GM Financial (GMF) Cybersecurity Program by contributing to the organization's management of cybersecurity risk through structured analysis, control validation, and process transparency. This role enables informed risk-based decision making by developing an understanding of the cybersecurity program, evaluating the effectiveness of controls, and ensuring alignment to established frameworks and regulatory expectations.

• Document cybersecurity processes to drive consistency and clarity across the program
• Support the evaluation and testing of cybersecurity controls to assess effectiveness and identify opportunities to enhance program maturity
• Identify and recommend process and control improvements to strengthen overall program consistency and performance
• Partner with business and IT stakeholders to validate control ownership, align on cybersecurity requirements, and support effective control execution across the enterprise
• Support regulatory and audit-related activities by organizing and delivering required information and aligning controls to applicable frameworks
• Develop and deliver meaningful reporting and insights to support informed decision-making by leadership and key stakeholders
  What makes you a dream candidate?
• Experience with documentation and reporting of policy or procedure discrepancies and/or change requests
• Demonstrated capability to collaborate with business partners to manage cybersecurity needs
• Knowledge on the latest security and privacy legislation, regulations, advisories, alerts and vulnerabilities
• Ability to apply advanced information security standards/frameworks (i.e., NIST Cybersecurity Framework, ISO 27001) to analysis and assessments
• Fosters open communication, speaks with impact, listens to others, and writes effectively
• Effective planning, time management, negotiation and delegation skills
• Ability to prioritize multiple tasks simultaneously with strong organizational skills
• Demonstrated critical thinking, analytical skills, judgment and logic when solving problems and making decisions