Sr. Cyber Threat Intelligence Analyst Security Operations

Job Description

The Role

GMsCybersecurity Teamsafeguards the companys global information assets networks and infrastructure. Our mission is to proactively defend GM against evolving cyber threats through strategic leadership technical excellence and innovative risk management. We seek cybersecurity professionals with advanced expertise capable of driving enterprise security initiatives and influencing organizational resilience.

General Motors (GM) is seeking a Senior Cyber Threat Intelligence Analyst to join the Cybersecurity team. This strategic role will proactively analyze and translate complex threat data into actionable intelligence guiding GMs IT and connected vehicle cybersecurity strategies informing leadership disrupting cyber-attacks and mentoring junior analysts by identifying adversary Tactics Techniques and Procedures (TTPs) to enhance GMs overall security posture. This position demands technical expertise analytical rigor and strong communication skills to translate complex security data into clear business risks. The position requires collaboration with a variety of teams across GM to enable actionable mitigation strategies for GM stakeholders.

What Youll Do

Threat Intelligence Production & Analysis:

- Collect normalize and analyze threat data from commercial feeds deep/dark web forums ISACs law enforcement partners open sources and internal telemetry on vulnerabilities exploits malware and threat actors targeting connected vehicle IT HR manufacturing and supply chain environments.

- Produce clear concise and well-structured intelligence products (alerts briefings assessments and dashboards) tailored to different audiences (SOC executives engineers developers and business stakeholders).

- Maintain uptodate awareness of adversary TTPs emerging malware ransomware trends fraud schemes and sectorrelevant developments (e.g. automotive manufacturing supply chain).

- Shape prioritization of remediation and control improvements by clearly articulating risk likely impact and recommended actions.

Operational Support & Incident Response
- Provide oncall intelligence support for Security Operations joining incident triage calls to contextualize alerts prioritize actions and recommend mitigations.
- Enrich investigations and cases in tools such as MISP OpenCTI and ServiceNow with IOCs threat group context and likely courses of action.
- Conduct ad hoc research and RFIs to support time-sensitive investigations executive questions and crossfunctional initiatives.

Stakeholder Engagement & Collaboration
- Build and maintain effective working relationships with internal stakeholders (Cyber Defense Product Cybersecurity Manufacturing Third Party Cybersecurity Legal Red Team etc.) and external partners (ISACs vendors and law enforcement as appropriate).
- Participate in recurring threat intel updates briefings and working sessions; adapt messaging to technical and nontechnical audiences.
- Gather feedback on intelligence products and services and use it to improve relevance timeliness and usability.

Process Tooling and Measurement
- Contribute to the development and continuous improvement of intelligence workflows SOPs and playbooks leveraging automation wherever feasible.
- Use and help evolve key performance indicators (e.g. timeliness of IOC ingestion pipeline health customer satisfaction and PIR coverage) to demonstrate measurable value from CTI.
- Follow a requirements-driven approach to ensure intelligence production is aligned with Threat Intelligence Requirements (PIRs) and organizational risk.

- Serve as a subject matter expert and mentor junior analysts fostering a culture of continuous learning and technical excellence within GMs security team.

Your Skills & Abilities (Required Qualifications)

• Bachelors degree in Computer Science Cybersecurity Information Systems or related discipline; or equivalent combination of education and relevant experience.
• 5yearsof experience in at least one of the following areas:
  • Cyber threat intelligence.
  • Incident response / detection engineering.
  • Threat hunting.
  • Security operations or closely related technical security roles.
• Strong understanding of:
  • Common adversary TTPs intrusion kill chains and MITRE ATT&CK.
  • Core network endpoint and cloud security concepts.
  • Cyber attack vectors detection techniques and common exploit patterns.
• Demonstrated ability to:
  • Research and analyze complex technical information and distill it into actionable businessrelevant recommendations.
  • Write clear concise intelligence products in English for both technical and executive audiences.
  • Work effectively in a fastpaced environment managing multiple concurrent priorities.
  • Demonstrated ability to prepare and deliver clear concise and accurate verbal briefings to both technical and non-technical stakeholders including senior leadership with a focus on actionable insights.
• Experience with at least some of the following:
  • Threat intelligence platforms and sharing tools (e.g. MISP Recorded Future VirusTotal).
  • SIEM / logging platforms(e.g. Google Secops QRadar Splunk or equivalent).
  • Case management and ticketing systems (e.g. ServiceNow).
  • Basic scripting or data analysis (e.g. Python SQL Jupyteror similar) for IOC processing and enrichment.

What Will Give You a Competitive Edge (Preferred Qualifications)

• Experience working in a large enterpriseautomotive/manufacturing environment.
• Prior involvement with:
  • Information sharing communities (e.g. AutoISACor other ISACs).
  • Thirdparty/supply chain cyber risk assessment.
• Industry-recognized certifications such as:
  • GCTI GCIH GCIA GCFA GREM or similar blue-team/CTI certifications.
  • Security CySA or equivalent information security certifications.
• Familiarity with requirements-driven and capability-maturity approaches to CTI and integration with frameworks like NIST CSF.

About GM

Our vision is a world with Zero Crashes Zero Emissions and Zero Congestion and we embrace the responsibility to lead the change that will make our world better safer and more equitable for all.

Why Join Us

We believe we all must make a choice every day individually and collectively to drive meaningful change through our words our deeds and our culture. Every day we want every employee to feel they belong to one General Motors team.

Benefits Overview

From day one were looking out for your well-beingat work and at homeso you can focus on realizing your ambitions. Learn how GM supports a rewarding career that rewards you personally by visiting Total Rewards resources.

Non-Discrimination and Equal Employment Opportunities (U.S.)

General Motors is committed to being a workplace that is not only free of unlawful discrimination but one that genuinely fosters inclusion and belonging. We strongly believe that providing an inclusive workplace creates an environment in which our employees can thrive and develop better products for our customers.

All employment decisions are made on a non-discriminatory basis without regard to sex race color national origin citizenship status religion age disability pregnancy or maternity status sexual orientation gender identity status as a veteran or protected veteran or any other similarly protected status in accordance with federal state and local laws.

We encourage interested candidates to review the key responsibilities and qualifications for each role and apply for any positions that match their skills and capabilities. Applicants in the recruitment process may be required where applicable to successfully complete a role-related assessment(s) and/or a pre-employment screening prior to beginning employment. To learn more visit How we Hire.

Accommodations

General Motors offers opportunities to all job seekers including individuals with disabilities. If you need a reasonable accommodation to assist with your job search or application for employment email us or call your email please include a description of the specific accommodation you are requesting as well as the job title and requisition number of the position for which you are applying.