GM Financial is hiring: Senior Principal Cybersecurity Engineer, Threat and Vuln

Senior Principal Cybersecurity Engineer, Threat and Vulnerability Hybrid work environment: 4 days onsite and 1 day remote. Location: Fort Worth, TX (Primary) – Dallas‑Fort Worth Metroplex – Carrollton, TX. Why GM Financial Cybersecurity? Innovation is a core part of GM Financial. As a member of our team you will work in a mission‑focused environment with specialized groups—Engineering, Threat Intelligence, Vulnerability Management, Incident Response, Firewall, Governance, Risk, Architecture and Offensive Security—to identify, manage and respond to cyber threats while driving continuous innovation. Job Description The Senior Principal of Vulnerability Management is a highly skilled and detail‑oriented leader in cybersecurity vulnerability management. The role is responsible for identifying, assessing, prioritizing, and coordinating security vulnerabilities across IT infrastructure, business applications and cloud environments. The ideal candidate will have a strong technical background in IT, cybersecurity, vulnerability scanning tools and risk assessment methodologies, and the ability to clearly communicate risk levels, impacts and remediation options to technical and non‑technical stakeholders. In This Role, You Will Support and influence technical direction for vulnerability and scanning technology. Architect, build and maintain scalable vulnerability detection rules, alerts, scripts and triage pipelines. Monitor and assess company cyber risks and implement mitigation strategies. Conduct continuous discovery and vulnerability assessment of enterprise‑wide assets, including unscheduled scans. Serve as a technical escalation point for vulnerability management and remediation efforts. Define, build and apply protective mitigations and work with engineering and infrastructure teams to integrate fixes upstream. Interpret complex data from vulnerability scans to pinpoint potential security risks and weaknesses. Examine disclosed vulnerabilities, threat scenarios and mitigating controls to understand potential impact. Provide specific, risk‑based recommendations for addressing and mitigating identified vulnerabilities. Perform technical analysis of all scan results and deliver detailed reports as required. Reporting Structure This role reports to the AVP of Cybersecurity. Qualifications Experience leading cross‑functional or global initiatives from start to finish. Advanced business acumen and deep understanding of business implications of decisions. In‑depth knowledge of GM Financial’s values, mission, vision and strategic direction. Extensive experience in threat modeling, secure design and code review processes. Strong knowledge of Windows, Linux, Unix and other operating system vulnerabilities, and mitigation techniques. Expertise in protecting against ransomware threats. Deep experience building and utilizing scalable platforms and tools (e.g., vulnerability scanners, detection pipelines, analytics systems). Proficiency in data aggregation, reporting and visualization. Robust experience securing hybrid/multi‑cloud environments (Azure, AWS). Proven record of building vulnerability tooling and automations integrated into workflows. Comprehensive understanding of the vulnerability risk landscape and its impact on cyber threats. Strategic understanding of vulnerability remediation priorities. Experience performing risk assessments of vulnerabilities and evaluating compensating controls in large, complex infrastructures. Knowledge of secure coding practices and application security testing (SAST, DAST, SCA, IaC). Experience building and operating Vulnerability Management or Threat Intelligence programs. Programming skills in Python, REST, Node, SQL and other common languages. Familiarity with computer networking, TCP/IP, network fabrics, OSI layers and corporate networking devices. Experience with DevSecOps and CI/CD methodologies. Knowledge of container security (Docker, Kubernetes) and threat intelligence frameworks (MITRE ATT&CK, CISA). Excellent analytical, written, verbal communication and documentation skills. Experience Bachelor’s or Associate’s Degree with 2 years of relevant experience. 12+ years in related cybersecurity functions. 5–7 years leading and mentoring teams. 5–7 years driving thought leadership and innovation across products. Relevant certifications or licenses preferred. What We Offer Competitive salary and bonus eligibility, including eligibility for our company vehicle program. Generous benefits package starting day one: 401(k) matching, bonding leave for new parents (12 weeks, 100% paid), training, GM employee auto discount, community service pay, and nine company holidays. Flexible hybrid work environment—4 days a week in the office, 1 day remote. Culture that welcomes new ideas, fosters integrity and creates a sense of community and belonging. #J-18808-Ljbffr