About Us: GE is the world's Digital Industrial Company, transforming industry with software-defined machines and solutions that are connected, responsive and predictive. Through our people, leadership development, services, technology and scale, GE delivers better outcomes for global customers by speaking the language of industry.
At GE Digital, we are creating technology and solutions to enable social, mobile, analytical and cloud capabilities for the Industrial Internet. The Industrial Internet is an open, global network that connects people, data and machines. It’s about making infrastructure more intelligent and advancing the industries critical to the world we live in. At GE, we believe it’s about the future of industry—energy, healthcare, transportation, manufacturing. It’s about making the world work better. GE is transforming itself to become the world's premier digital industrial company, executing critical outcomes for our customers. Explore how you can drive greater asset reliability, lower operating costs, reduce risk and accelerate operational performance with our Predix platform and software solutions. GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.
Role Summary: The Staff Cyber Security Researcher will serve as a technical security resource responsible for identifying vulnerabilities and working with development teams to design / implement solutions to ensure and protect the safety and security of all information systems. Assess GE applications and software products across all businesses and provide guidance / direction for the protection of information systems and intellectual property assets.
Responsible for assessing the security of GE leading edge technology and work with senior-level peers to define remediation activities
Work closely with IT security professional throughout GE
Conduct system security assessments including security / penetration testing and vulnerability assessments
Utilize both manual methods and automated tools to identify and exploit vulnerabilities
Further enhance system and application security assessment methodologies and processes
Evaluate emerging technologies / tools to detect, mitigate, triage and remediate software security defects across the enterprise
Work with application and product teams GE-wide to encourage a security mindset throughout software development from concept to testing and implementation
Bachelor's Degree in Computer Science, Computer System Engineering or other technical discipline (or a High School Diploma / GED with a minimum 5 years of IT technical experience)
Minimum 2 years of experience in web, mobile and client/server application security testing, application security architecture, operating system, network, database, Industrial Control Systems, Smart Grid and embedded system security
Minimum 2 years of experience performing penetration tests using automated security tools and manual techniques
Minimum 1 year of experience working with, or developing, secure coding standards for C / C++, Java, and Angular, Node.js
Legal authorization to work in the U.S. is required.We will not sponsor individuals for employment visas, now or in the future, for this job.
Familiar with cyber security attack scenarios and common vulnerabilities
Familiar with software risk assessments and threat modeling
Experience in Cryptography (as applicable to software and system), fuzzing, assembly, exploits and firmware analysis
Familiar with SCADA, PLC, embedded systems in general
Training in Information Security-specific disciplines
GIAC - GPEN, MCP, CEH, CISM, CISSP certification
Ability to work with globally diverse and distributed teams
Strong track record of understanding and interest in current and emerging technologies demonstrated through training, job experience and / or industry activities
We are in the process of transitioning to an improved job application system and in the interim we are operating with two systems. Have your Job ID ready (from the email you received when you applied) to log in and check your application status.
Click the appropriate button. If you don't know your job ID, you can still check your status: use both buttons.