GE is the world's Digital Industrial Company, transforming industry with software-defined machines and solutions that are connected, responsive and predictive. Through our people, leadership development, services, technology and scale, GE delivers better outcomes for global customers by speaking the language of industry.
At GE Digital, we are creating technology and solutions to enable social, mobile, analytical and cloud capabilities for the Industrial Internet. The Industrial Internet is an open, global network that connects people, data and machines. It’s about making infrastructure more intelligent and advancing the industries critical to the world we live in. At GE, we believe it’s about the future of industry—energy, healthcare, transportation, manufacturing. It’s about making the world work better. GE is transforming itself to become the world's premier digital industrial company, executing critical outcomes for our customers. Explore how you can drive greater asset reliability, lower operating costs, reduce risk and accelerate operational performance with our Predix platform and software solutions. GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.
Role Summary: The Staff Incident Responder will be part of a dynamic, growing team, planning, preparing, hunting for, and responding to cyber incidents stemming from internal and external threat actors. Demonstration of leadership abilities in a large corporate environment as well as a strong comprehension of malware, emerging threats and calculating risk will be critical to success. Finally, this role requires the ability to work with minimal direction from Incident Response and company leadership.
Lead technical aspects of digital security incident detection and response, focusing on very unstructured incidents and high-risk events.
Specialize in network-centric analysis (NSM), host-centric analysis (live response, digital forensics), malware analysis, and/or log-centric analysis (SIEM).
Perform daily response operations with a schedule that may involve nontraditional working hours - act as escalation points for Information Security Incident Analysts.
Write signatures, tune systems/tools, and develop scripts and correlation rules.
Mentor and train Event and Incident Analysts as required.
The best candidates for the role work well with other people and have strong verbal and written communication skills, a sense of diplomacy, and decision-making skills to handle the often fast-paced role of an incident handler.
Utilize discretion and confidentiality daily; while pulling in the right resources to help resolve concerns.
Bachelor’s Degree in Computer Science or in “STEM” Majors (Science, Technology, Engineering and Math) or a High school diploma with a minimum of 4 years of IT experience
Minimum 3 years of experience in cyber security
Legal authorization to work in the U.S. is required. We will not sponsor individuals for employment visas, now or in the future, for this job
The best candidates for the role work well with other people and have strong verbal and written communication skills, a sense of diplomacy, and decision-making skills to handle the often fast-paced role of an incident handler
Strong verbal and written communication skills
Detailed understanding of APT, Cyber Crime and other associated tactics
Strong track record of understanding and interest in recognized IT and OT security-related standards and technologies, demonstrated through training, job experience and/or industry
Knowledge of and/or working on GE OT products
Professional experience with Cyber Security, Operations Security, Product Security, Industrial Control Systems (ICS), Information Assurance, and Information Technology
Experience with host based detection and prevention suites (McAfee EPO, OSSEC, Yara, MIR, CarbonBlack, Tanium, etc.)
Experience with host-centric tools for forensic collection and analysis (SleuthKit, Volatility Framework, FTK, Encase, etc.)
Experience with Network Forensics and/or Network Security Monitoring (NSM) tools (Snort, Bro-IDS, PCAP, tcpdump, etc.) and analysis techniques (alert, flow/session and PCAP analysis)
Experience with malware and reverse engineering (Dynamic and static analysis)
Strong IT infrastructure background including familiarity with the following:
Networking (TCP/IP, UDP, Routing)
Applications (HTTP, SMTP, DNS, FTP, SSH, etc.)
Encryption (DES, AES, RSA) and hashing algorithms (MD5, SHA-1, etc.)
System/Application vulnerabilities and exploitation
Operating systems (Windows, *Nix, and Mac)
Cloud technology (SaaS, IaaS, PaaS) and associated digital forensics and incident response techniques
CISSP, CISM or related SANs certifications preferred
Active US government security clearance
Working knowledge of secure communication methods, including Secure Shell, S/MIME and PGP/GPG
We are in the process of transitioning to an improved job application system and in the interim we are operating with two systems. Have your Job ID ready (from the email you received when you applied) to log in and check your application status.
Click the appropriate button. If you don't know your job ID, you can still check your status: use both buttons.