Senior Cyber Detection Incident Analyst - Security ...

Job Description The Role Join GM's Cybersecurity Team and be at the forefront of protecting our global information assets and networks. We are dedicated to proactively defending against cyber threats through strategic leadership and innovation. We are looking for experienced cybersecurity professionals who are driven to enhance our security posture and resilience. As a Senior Cyber Detection Incident Analyst within GM's Security Operations team, you will be crucial in advancing our capability to detect and analyze sophisticated cyber threats across varied environments. Your expertise in endpoint, network, cloud, identity, and application detection technologies will be instrumental in identifying malicious activities, improving alert accuracy, and refining our detection workflows and platforms. In this role, you will lead impactful investigations, develop and optimize detection strategies across SIEM, EDR, NDR, SOAR, and cloud-native security tools, and apply threat intelligence to enhance GM's defenses. Collaboration with various teams within Cyber Security and GM will be essential in improving visibility, analytics, automation, and overall efficiency in Security Operations. This position demands strong technical analysis, the design and tuning of effective detections, managing incident escalation processes, and collaborating with the broader security organization to ensure a robust and scalable detection framework. You will mentor fellow analysts, shape detection strategies, influence tools and technologies, and explore new solutions, including automation and AI, to mitigate manual tasks and elevate detection capabilities. What You'll Do Conduct in-depth triage and analysis of security events using various tools and analytics. Lead incident escalation procedures and work with Incident Response and partner teams to ensure rapid containment and resolution of threats. Engage in proactive threat hunting across all platforms using intelligence and behavioral analytics. Analyze telemetry from disparate systems to spot advanced attack patterns. Leverage knowledge of OS internals, cloud architectures, and security protocols to assess risks and guide escalation actions. Incorporate threat intelligence into detection logic and strategic hunting methodologies. Develop, tune, and maintain high-efficacy detections across multiple technologies including: SIEM, EDR/XDR, NDR, SOAR, cloud-native tools, and SaaS platforms. Assess and validate emerging detection technologies and analytical methods to enhance visibility and response times. Act as a technical lead, mentoring analysts and promoting consistent quality in detection and response workflows. Participate in 24x7 monitoring as part of an on-call rotation. Your Skills & Abilities (Required Qualifications) Bachelor's degree in Information Security, Computer Science, Information Systems, or equivalent experience. Over 5 years of experience in cybersecurity, focusing on detection engineering, incident response, and security event analysis. Strong analytical skills with the ability to interpret complex datasets and articulate findings clearly. Capability to create scripts (Python, PowerShell, KQL, Bash, etc.) for investigative workflows. Experience in network security monitoring and identifying/responding to security incidents. Proficient in detecting threats in cloud environments and using their associated detection tools. Excellent collaboration and communication skills essential for team partnerships. Experience in mentoring analysts and contributing to team development. In-depth knowledge of SIEM technologies, log analytics, and correlation techniques. Strong understanding of EDR platforms and behavioral detection strategies. What Will Give You a Competitive Edge (Preferred Qualifications) Certifications such as GCIA, GCIH, or cloud security credentials. More than 7 years in cyber incident detection and security operations. Familiarity with vehicle security, automotive architectures, or embedded security telemetry. Experience in manufacturing or OT security environments. Knowledge in application security, CI/CD pipelines, and API abuse detection. Experience in leading security projects and incident response initiatives. Malware analysis experience. This position is not eligible for immigration-related sponsorship. Candidates requiring sponsorship will not be considered. This role follows a hybrid work model, requiring on-site presence at least three times a week. This role may qualify for relocation benefits. About GM We envision a world with Zero Crashes, Zero Emissions, and Zero Congestion, and we take pride in our responsibility to drive meaningful change for a safer, equitable future. Why Join Us We focus on fostering a culture that values change through our actions. Every employee is valued as part of the General Motors team. Benefits Overview From day one, we prioritize your well-being both personally and professionally, ensuring you can pursue your goals. Discover how GM invests in your career growth and rewards through our Total Rewards program. Inclusivity Commitment General Motors is dedicated to fostering an inclusive and discrimination-free workplace, ensuring equal opportunities for all employees. Employment decisions are made without regard to attributes such as race, gender, or disability, in line with federal, state, and local laws. We encourage interested candidates to review the responsibilities and qualifications carefully and apply for any roles matching their skills. Accommodations General Motors provides support for all job seekers, including those with disabilities. If you require assistance or reasonable accommodations during the application process, please reach out to our careers accommodations team with your request. Together, we can lead the change in technology and innovation, making our world safer and more equitable for everyone.

Created: 2026-03-10