Senior Azure DevOps Security Engineer - Military Veterans

Overview

Why GMF Technology?

GM Financial is set to change the auto finance industry and is leading the path of embarking on tech modernization - we have a startup mindset, and preserve our small company culture, in a public company environment with financial stability and intense growth over a decade-plus history. We are data junkies and trust in data and insights to advance our business objectives. We take our goal of zero emission, zero collision, zero congestion, and zero friction very seriously. We believe as an auto finance market leader we are in the driver's seat to lead us in the GM EV mission to change the world. We are building global platforms, in LATAM, Europe, China, U.S. and Canada- and we are looking to grow our high-performing team. GMF is comprised of over 10,000 team members globally. Join our fintech culture within a Blue-Chip company where we are changing the way we use technology to support our customers, dealers and business.

Flexible hybrid work environment (onsite 2 days a week/3 days remote) at our Arlington, TX office.

Note: Please note we are not able to consider candidates who require visa sponsorship for this position.

Responsibilities

The Global Infrastructure Vulnerability Remediation Engineer will contribute to critical tasks including defining, assessing, and implementing the organization's vulnerability remediation strategy, researching and analyzing remediations for detected vulnerabilities, and sustaining and improving processes intended to enforce desired state configurations for infrastructure, in collaboration with other IT teams, Cybersecurity, and vendors as needed. This person must possess strong analytics, planning and coordination skills. An energetic, solution minded personality with drive, attention to details and excellent communication skills will be needed for success in this position.

JOB DUTIES

• Uses a broad and deep understanding of technical concepts to troubleshoot and resolve security vulnerabilities and remediation related issues as required, and analyze, propose and implement changes aimed at continuous system-wide improvements


• Act as a technical expert across a broad range of infrastructure, network, applications development, cloud, and third-party vendors to ensure solutions meet the operational and security policies and standards


• Work to maintain global security standards, guidelines, metrics, and implement processes and procedures to ensure an acceptable risk level is maintained with adherence to a recognized framework


• Review daily vulnerability data to identify and prioritize vulnerabilities and exposures


• Utilize data collected in analysis tool to rank, identify severity level and plan short-term and long-term remediation and proactive countermeasures and controls


• Research capabilities with intellectual curiosity and critical thinking to determine the best ways to prioritize and remediate vulnerabilities and threats


• Continuously drive to improve remediation processes and team skill sets via automation for maximum efficiency and reliability


• Assist other engineers with performance analysis, process improvement and task automation


• Perform other duties as assigned


• Conform with all company policies and procedures

Qualifications

What makes you a dream candidate?

Knowledge

• Familiarity with vulnerability assessment tools like PrismaCloud, Qualys, Kenna, Checkmarx, Veracode, Tainium, Nexpose, and Nessus or similar technologies


• Familiarity with industry-standard vulnerability frameworks and databases such as CVE and CVSS and Experience with CSPM, CCM, and cloud security guardrails tools


• Proficiency in analyzing large datasets using statistical methods and data visualization techniques to identify patterns related to vulnerabilities


• Understanding of the configuration management database (CMDB), IT Service Management (ITSM) processes and their value/relevance to Security solutions


• Experience analyzing cloud infrastructure vulnerability data as well as experience working with AWS/Azure VMs, Containers, and image security scanning


• Knowledge of IT security processes and controls as well as IT infrastructure, cloud, and networking technical knowledge


• Experience designing, implementing and troubleshooting automated solutions in a complex environment using Chef, SCCM or other automation and configuration management platforms

Skills

• Excellent presentation, written, oral, and relationship-building skills, including the ability to communicate technical information to non-technical stakeholders


• Strong technical writing and technical editing skills needed to produce clear documentation of remediation activities


• Advanced information security standards/frameworks (ie, NIST Cybersecurity Framework, CIS, ISO 27001) skills


• Strong analytical skills needed to combine information from various sources and find innovative solutions


• Ability to thrive in an Agile and collaborative work environment

Experience and Education

• 6-8 years of experience managing servers, desktops, and/or related infrastructure required


• 5-7 years of experience leading technical projects and implementations in an IT environment preferred


• Experience with DevOps CI/CD pipeline automation strongly preferred


• Experience with Azure environments preferred


• Expereince with Docker, Terraform and Kubernetes strongly preferred


• Experience with Cloud Vulnerability Remediation preferred

What We Offer: Generous benefits package available on day one to include: 401K matching, bonding leave for new parents (12 weeks, 100% paid), tuition assistance, training, GM employee auto discount, community service pay and nine company holidays.

Our Culture: Our team members define and shape our culture - an environment that welcomes innovative ideas, fosters integrity, and creates a sense of community and belonging. Here we do more than work - we thrive.

Compensation: Competitive pay and bonus eligibility.

Work Life Balance: Flexible hybrid work environment (onsite 2 days a week/3 days remote) at our Irving, TX office (Las Colinas Blvd)

Note: Please note we are not able to consider candidates who require visa sponsorship for this position.

#LI-Hybrid

#LI-SG1