Third-Party Cybersecurity Incident Analyst

General MotorsAustin, MI
1dHybrid
Match Resume

About The Position

This role is categorized as hybrid. This means the successful candidate is expected to report to Warren, MI or Austin, TX three times per week, at minimum [or other frequency dictated by the business if more than 3 days]. The Role GM’s Cybersecurity Team safeguards the company’s global information assets, networks, and infrastructure. Our mission is to proactively defend GM against evolving cyber threats through strategic leadership, technical excellence, and innovative risk management. We seek cybersecurity professionals with advanced expertise, capable of driving enterprise security initiatives and influencing organizational resilience. What You’ll Do As a Third-Party Cybersecurity Incident Analyst, you will independently lead high-impact incident response activities involving GM’s third-party partners. This role requires strategic oversight, technical depth, and the ability to guide cross-functional teams through complex cyber investigations. You will serve as a trusted advisor, driving critical decision-making, influencing enterprise risk posture, and ensuring the integrity and conti nuity of GM’s business operations. You will collaborate with other GM teams and suppliers to assess attack vectors, coordinate containment, and evaluate strategic impacts, including information exposure, operational disruptions, and supply chain risks. The position demands high autonomy, initiative, and the ability to communicate complex technical findings to executive leadership and business stakeholders. This role requires innovative thinking, exceptional judgment, and broad application of cybersecurity principles to solve enterprise-wide challenges.

Requirements

  • Education: Bachelor’s degree in Information Systems, Computer Science, Information Security, or related field.
  • Experience: At least 7 years in information security with prior incident management, security operations, and cyber event analysis experience.
  • Technical Skills: Expert in cyber incident detection, investigation, and response, especially third-party and supply chain risk; knowledge of application, network, and OS security controls; understanding of vulnerability management and risk mitigation.
  • Leadership & Communication: Proven ability to lead complex cyber event activities, communicate technical findings to executives, and mentor team members.
  • Analytical & Strategic Skills: Strong investigative mindset; able to translate technical analysis into strategic business recommendations; highly detail-oriented and organized.
  • Integrity & Discretion: Trusted with confidential and sensitive information at the enterprise level.
  • Customer Service & Influence: Builds trust and influences at all organizational levels; familiar with industry-recommended security controls and adoption in third-party ecosystems.
  • Threat Knowledge: Comprehensive understanding of attack vectors, threat autonomy, and advanced adversary tactics.

Nice To Haves

  • Education: Advanced degree in Information Systems, Computer Science, Information Security, or related field.
  • Experience: At least 8+ years in information security with prior incident management, security operations, and cyber event analysis experience.
  • Certifications: Advanced industry certifications (e.g., CISSP, GCIA, GCIH) highly desirable.

Responsibilities

  • Lead the triage, analysis, and escalation of critical third-party cybersecurity incidents, ensuring alignment with GM’s strategy.
  • Assess incident impacts and urgency, guide containment actions, and provide expert advice to technical and non-technical stakeholders.
  • Oversee investigations, incident tracking, and resolution, ensuring thorough documentation and reporting.
  • Collaborate cross-functionally with Cyber Defense, GMIT, Legal, Purchasing, and leadership for effective response operations.
  • Engage external partners to determine root causes and shape third-party risk management.
  • Provide strategic support during high-priority and after-hours third-party incidents
  • Prepare and deliver executive-level reports and metrics to support informed decision-making.
  • Mentor and guide others, fostering skill development across the team.
  • Drive continuous improvement of incident response processes, tools, and methods
  • Coordinate communications with stakeholders and executive leadership, maintaining transparency and alignment during incidents.
  • Communicate identified 3rd party failed security controls, championing strategic organizational improvements.
  • Influence and shape GM’s security policies, standards, and long-term cybersecurity strategy.

Benefits

  • GM offers a variety of health and wellbeing benefit programs. Benefit options include medical, dental, vision, Health Savings Account, Flexible Spending Accounts, retirement savings plan, sickness and accident benefits, life insurance, paid vacation & holidays, tuition assistance programs, employee assistance program, GM vehicle discounts and more.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Job Type

Full-time

Career Level

Mid Level

Job Search Resources

Similar Third-Party Cybersecurity Incident Analyst job opportunities

Third-Party Cybersecurity Risk Manager
Caterpillar
Caterpillar • East Peoria, IL2d • Onsite
Third-Party Cybersecurity Risk Manager
Caterpillar Inc.
Caterpillar Inc. • Nashville, TN4d • Onsite
🔥 New JobThird-Party Risk Analyst
Starion Bank
Starion Bank • Bismarck, ND16h • Hybrid
Third Party Risk Analyst I
Pennsylvania State Employees Credit Union
Pennsylvania State Employees Credit Union • Harrisburg, PA12d • Hybrid
Third Party Risk Analyst II
Frost Bank
Frost Bank • San Antonio, TX9d
Cybersecurity Incident Lead
Hearst Corporate
Hearst Corporate • New York, NY3d
Explore More Jobs

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service