Location(s): United States; Michigan, Virginia; Glen Allen, Van Buren Township
About Us: At GE Digital, we are creating technology and solutions to enable social, mobile, analytical and cloud capabilities for the Industrial Internet. The Industrial Internet is an open, global network that connects people, data and machines. It’s about making infrastructure more intelligent and advancing the industries critical to the world we live in. At GE, we believe it’s about the future of industry—energy, healthcare, transportation, manufacturing. It’s about making the world work better. GE is transforming itself to become the world's premier digital industrial company, executing critical outcomes for our customers. Explore how you can drive greater asset reliability, lower operating costs, reduce risk and accelerate operational performance with our Predix platform and software solutions. GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.
Role Summary: The Cloud Security Risk Analyst will be responsible for the execution of risk assessments and security reviews with a focus on cloud technology deployments. This will include performing risk management activities designed to improve risk posture while clearly communicating recommendations to leadership.
Identify and manage existing and potential information security risks related to cloud security
Serve as an SME responsible for cloud based risk assessments and security reviews
Develop and maintain risk assessments related to cloud security and ensure they are aligned to enterprise security standards and industry best practices
Create and maintain cloud security technical documentation to drive reuse of security designs
Ensure appropriate security and risk processes are followed for cloud security deployments
Identify and communicate security control gaps, associated risks, and recommendations to leadership and product owners
Define risk parameters and perform risk quantification exercises (inherent and residual)
Recommend risk assessment improvements by reviewing current environment, evaluating trends, and anticipating emerging requirements
Partner with key industry peers to conduct benchmarking exercises to provide perspective on cloud technology risk assessment program maturity and to proactively implement best practices
Bachelor's degree in Information Systems or related field
• Minimum of 3 years of experience in Information Security or IT risk management field
• 2 years of experience directly related to the cloud information security field or cloud operations
Legal authorization to work in the U.S. is required.We will not sponsor individuals for employment visas, now or in the future, for this job.
Industry-recognized security certification such as CISSP, CCSP, or CRISC
Strong oral and written communication skills – Able to communicate appropriately to both technical and management audiences
Demonstrated knowledge with security frameworks such as Cloud Security Alliance (CSA), International Organization for Standardization (ISO), National Institute of Standards and Technology (NIST), etc.
Subject matter expertise on cloud security concepts
Ability to differentiate risks and required security controls across cloud deployment models (public, hybrid, private), and service models (IaaS, PaaS, and SaaS)
Locations: United States; Michigan, Virginia; Glen Allen, Van Buren Township
We are in the process of transitioning to an improved job application system and in the interim we are operating with two systems. Have your Job ID ready (from the email you received when you applied) to log in and check your application status.
Click the appropriate button. If you don't know your job ID, you can still check your status: use both buttons.