Sr. Cyber Threat Intelligence Analyst - Security Operations
Job Description
The Role GM’s Cybersecurity Team safeguards the company’s global information assets, networks, and infrastructure. Our mission is to proactively defend GM against evolving cyber threats through strategic leadership, technical excellence, and innovative risk management. We seek cybersecurity professionals with advanced expertise, capable of driving enterprise security initiatives and influencing organizational resilience. General Motors (GM) is seeking a Senior Cyber Threat Intelligence Analyst to join the Cybersecurity team. This strategic role will proactively analyze and translate complex threat data into actionable intelligence, guiding GM’s IT and connected vehicle cybersecurity strategies, informing leadership, disrupting cyber-attacks, and mentoring junior analysts by identifying adversary Tactics, Techniques, and Procedures (TTPs) to enhance GM’s overall security posture. This position demands technical expertise, analytical rigor, and strong communication skills to translate complex security data into clear business risks. The position requires collaboration with a variety of teams across GM to enable actionable mitigation strategies for GM stakeholders.
What You'll Do
Threat Intelligence Production & Analysis: - Collect, normalize, and analyze threat data from commercial feeds, deep/dark web, forums, ISACs, law enforcement partners, open sources, and internal telemetry on vulnerabilities, exploits, malware, and threat actors targeting connected vehicle, IT, HR, manufacturing and supply chain environments. - Produce clear, concise, and well-structured intelligence products (alerts, briefings, assessments, and dashboards) tailored to different audiences (SOC, executives, engineers, developers, and business stakeholders). - Maintain up‑to‑date awareness of adversary TTPs, emerging malware, ransomware trends, fraud schemes, and sector‑relevant developments (e.g., automotive, manufacturing, supply chain). - Shape prioritization of remediation and control improvements by clearly articulating risk, likely impact, and recommended actions. Operational Support & Incident Response - Provide on‑call intelligence support for Security Operations, joining incident triage calls to contextualize alerts, prioritize actions, and recommend mitigations. - Enrich investigations and cases in tools such as MISP, OpenCTI, and ServiceNow with IOCs, threat group context, and likely courses of action. - Conduct ad hoc research and RFIs to support time-sensitive investigations, executive questions, and cross‑functional initiatives. Stakeholder Engagement & Collaboration - Build and maintain effective working relationships with internal stakeholders (Cyber Defense, Product Cybersecurity, Manufacturing, Third Party Cybersecurity, Legal, Red Team, etc.) and external partners (ISACs, vendors, and law enforcement as appropriate). - Participate in recurring threat intel updates, briefings, and working sessions; adapt messaging to technical and non‑technical audiences. - Gather feedback on intelligence products and services and use it to improve relevance, timeliness, and usability. Process, Tooling, and Measurement - Contribute to the development and continuous improvement of intelligence workflows, SOPs, and playbooks, leveraging automation wherever feasible. - Use and help evolve key performance indicators (e.g., timeliness of IOC ingestion, pipeline health, customer satisfaction, and PIR coverage) to demonstrate measurable value from CTI. - Follow a requirements-driven approach to ensure intelligence production is aligned with Threat Intelligence Requirements (PIRs) and organizational risk. - Serve as a subject matter expert and mentor junior analysts, fostering a culture of continuous learning and technical excellence within GM’s security team. Your Skills & Abilities (Required Qualifications) Bachelor’s degree in Computer Science, Cybersecurity, Information Systems, or related discipline; or equivalent combination of education and relevant experience. 4+ years of experience in at least one of the following areas: Cyber threat intelligence. Incident response / detection engineering. Threat hunting. Security operations or closely related technical security roles. Strong understanding of: Common adversary TTPs, intrusion kill chains, and MITRE ATT&CK. Core network, endpoint, and cloud security concepts. Cyber attack vectors, detection techniques, and common exploit patterns. Demonstrated ability to: Research and analyze complex technical information and distill it into actionable, business‑relevant recommendations. Write clear, concise intelligence products in English for both technical and executive audiences. Work effectively in a fast‑paced environment, managing multiple concurrent priorities. Demonstrated ability to prepare and deliver clear, concise, and accurate verbal briefings to both technical and non-technical stakeholders, including senior leadership, with a focus on actionable insights. Experience with Apply tot his job Apply To this Job