Associate Cybersecurity Analyst

Why GMF Cybersecurity?

Innovation isn’t just a talking point at GM Financial, it’s how we operate. By joining our team, you’ll work in a mission-focused environment with specialized teams, including Engineering, Threat Intelligence, Vulnerability Management, Incident Response, Firewall, Governance, Risk, Architecture and Offensive Security. These teams collaborate to identify, manage and respond to threats, all while driving innovation across the environment.

Cybersecurity is central to our strategic vision, so you’ll benefit from exceptional leadership visibility, with direct reporting lines to the CEO. This structure ensures your work is recognized and supported at the highest levels, while also enabling bold innovation and the adoption of cutting-edge technologies.

Shape the future of Cybersecurity at GM Financial, with the freedom to explore, the tools to build and the support to thrive. 

This position will be posted until filled.

About the role: 

The Associate Cybersecurity Analyst is responsible for supporting the execution of the GM Financial (GMF) Cybersecurity Program by contributing to the organization’s management of cybersecurity risk through structured analysis, control validation, and process transparency. This role enables informed risk-based decision making by developing an understanding of the cybersecurity program, evaluating the effectiveness of controls, and ensuring alignment to established frameworks and regulatory expectations.

• Document cybersecurity processes to drive consistency and clarity across the program
• Support the evaluation and testing of cybersecurity controls to assess effectiveness and identify opportunities to enhance program maturity
• Identify and recommend process and control improvements to strengthen overall program consistency and performance
• Partner with business and IT stakeholders to validate control ownership, align on cybersecurity requirements, and support effective control execution across the enterprise
• Support regulatory and audit-related activities by organizing and delivering required information and aligning controls to applicable frameworks
• Develop and deliver meaningful reporting and insights to support informed decision-making by leadership and key stakeholders
  
  What makes you a dream candidate?
• Experience with documentation and reporting of policy or procedure discrepancies and/or change requests
• Demonstrated capability to collaborate with business partners to manage cybersecurity needs
• Knowledge on the latest security and privacy legislation, regulations, advisories, alerts and vulnerabilities
• Ability to apply advanced information security standards/frameworks (i.e., NIST Cybersecurity Framework, ISO 27001) to analysis and assessments
• Fosters open communication, speaks with impact, listens to others, and writes effectively
• Effective planning, time management, negotiation and delegation skills
• Ability to prioritize multiple tasks simultaneously with strong organizational skills
• Demonstrated critical thinking, analytical skills, judgment and logic when solving problems and making decisions