Senior Vulnerability Intelligence Analyst

About The Position

Requirements

• Bachelor’s degree in Information Security, Computer Science, or relevant cybersecurity degree
• 4+ years of cybersecurity experience, with at least 3 years in vulnerability management, threat intelligence, or security analysis.
• Deep understanding of CVE tracking, vulnerability scoring systems (CVSS v3.x+), Exploit Prediction Scoring System (EPSS), adversarial TTPs, frameworks (MITRE ATT&CK), and the threat landscape.
• Strong knowledge of Windows, Linux, macOS, cloud environments (AWS, Azure, GCP), and enterprise architecture.
• Proficiency with VM tools (Nessus, Tenable, Qualys, Wiz), SIEM, and threat intelligence platforms.
• Exceptional analytical and communication skills.

Nice To Haves

• Relevant certifications (CISSP, CISM, GCTI, OSCP) preferred.

Responsibilities

• Risk Prioritization and Scoring: Develop and refine a risk-based prioritization framework by integrating external intelligence sources (e.g., CVE databases, threat feeds, vendor reports, dark web monitoring) to rank vulnerabilities, assess exploitability and business impact.
• Patch Tuesday: Coordinate and support GM’s Patch Tuesday operations, providing timely analysis of newly released vendor patches, identifying critical vulnerabilities, and advising on patching priorities for GM’s technology stack.
• Cross-Team Collaboration: Partner closely with Vulnerability Management, IT Operations, Engineering, and other stakeholders to ensure effective communication, risk mitigation, and remediation of prioritized vulnerabilities.
• Threat Intelligence Analysis: Conduct in-depth analysis of emerging threats, attack vectors, and proof-of-concept exploits to determine who is targeting what vulnerabilities and how.
• Reporting and Communication: Deliver high-quality intelligence reports, executive briefings, dashboards, and technical alerts tailored for GM leadership, technical teams, and incident response units.
• Strategic Guidance and Mitigation: Advise GM stakeholders on patching priorities, compensating controls, and risk acceptance decisions, ensuring recommendations are aligned with GM’s risk appetite and operational requirements.
• Process Improvement: Continuously improve GM’s vulnerability intelligence processes, tools, and methodologies to enhance the speed and accuracy of threat identification and response.
• Mentorship and Leadership: Serve as a subject matter expert and mentor junior analysts, fostering a culture of continuous learning and technical excellence within GM’s security team.

Benefits

• From day one, we're looking out for your well-being–at work and at home–so you can focus on realizing your ambitions. Learn how GM supports a rewarding career that rewards you personally by visiting Total Rewards resources.