Location(s): United States; Alabama, Alaska, Arizona, Arkansas, California, Colorado, Connecticut, Delaware, District of Columbia, Florida, Georgia, Hawaii, Idaho, Illinois, Indiana, Iowa, Kansas, Kentucky, Louisiana, Maine, Maryland, Massachusetts, Michigan, Minnesota, Mississippi, Missouri, Montana, Nebraska, Nevada, New Hampshire, New Jersey, New Mexico, New York, North Carolina, North Dakota, Ohio, Oklahoma, Oregon, Pennsylvania, Rhode Island, South Carolina, South Dakota, Tennessee, Texas, Utah, Vermont, Virginia, Washington, West Virginia, Wisconsin, Wyoming; Houston, all U.S. cities, remote
About Us: GE is the world's Digital Industrial Company, transforming industry with software-defined machines and solutions that are connected, responsive and predictive. Through our people, leadership development, services, technology and scale, GE delivers better outcomes for global customers by speaking the language of industry.
Baker Hughes, a GE company (NYSE:BHGE) is the world’s first and only fullstream provider of integrated oilfield products, services and digital solutions. We deploy minds and machines to enhance customer productivity, safety and environmental stewardship, while minimizing costs and risks at every step of the energy value chain. With operations in over 120 countries, we infuse over a century of experience with the spirit of a startup – inventing smarter ways to bring energy to the world. Follow Baker Hughes, a GE company on Twitter @BHGECo, or visit us at BHGE.com.
GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.
Role Summary: This role will lead the Cyber Security, Risk, and Compliance Strategy for BHGE. This forward-looking role will understand the current capability, capacity of the CSRC organization against the BHGE business priorities to build a strategic security roadmap. Develop and maintain organizational metrics to measure maturity and program/project progress. Spans three distinct business environments – Enterprise Architecture, OT/Factory environments, and Predix.
Develop a deep understanding of the current architectural design, program and project demands on the CSRC organization. Ensure recognized best-practices are fully cataloged, documented and readily accessible for re-use by project teams.
Drive a focus of automation across the CSRC organization. Recognize and implement opportunities for reducing repetitive, manual tasks, esp. in the area of controls testing.
Define and assess BHGE’s Cyber Security, Risk, and Compliance organizational capabilities and maturity against recognized industry frameworks (e.g. NIST CSF, Product Security)
Establish a comprehensive roadmap to further mature BHGE’s cyber security capabilities, including the development of on-going measurements to track progress
Program manage the delivery and embedding of major functional enhancements across the CSRC organization
Develop a program to review and consolidate the security and compliance landscape of applications/tools. Drive implementation of an end to end GRC tool.
Liaise across the BHGE DT organization to understand business imperatives, strategic drivers, and the inherent risk of these plans. Establish a forward-looking, secure infrastructure environment to support these business objectives.
Engage with GE Corporate, technology providers, and industry leaders to understand emerging trends in infrastructure, cloud technology, automation, sensor technology, etc. and develop a roadmap for leveraging these new ways of working. Actively participate on committee and working groups to further the securing of our infrastructure environments.
Create a clear understanding of the program and project demands on the CSRC organization and look for ways to best deliver these consultancy services.
Continually focus on understanding new threats to the BHGE landscape and communicating these threats in business terminology.
Communicate and present to executive leadership
Liaise with Enterprise Architects and Security Architects to build and continuously update security controls to meet new threats
Familiarity with DoE, NRC, NIST, DHS, & ISO 2700x security requirements and risk management frameworks
Bachelor's Degree in Information Systems, Information Technology, Computer Science, or Engineering from an accredited College or University OR High School Diploma / GED with a minimum of 4 years of industry experience
Minimum of 10 years of strong IT Security experience and staff leadership
Legal authorization to work in the U.S. is required. We will not sponsor individuals for employment visas, now or in the future, for this job.
Recognized leader in implementing company-wide secure solutions
Hands on experience in addressing Product Security and OT challenges
Experience with cloud technologies, security metrics, secure architecture and design, secure network architectures, identity and access management principles, and secure software development
Broad background in the following areas: computer / OT security, network security, hardware security, firmware security, and embedded platform security
Understanding of engineering product lifecycle management (PLM) and enterprise resource planning (ERP) systems
Familiarity with DoE, NRC, NIST, DHS security requirements
Experience managing / developing IT budgets
Proven ability to deliver while under tight timelines
Demonstrated ability to proactively analyze and solve complex problems
Strong understanding of project management methodologies
Experienced with outsourced IT engagements
Effective communication skills, listening and negotiation skills in order to articulate ideas and thoughts clearly through various means, including written and oral communications with all levels of the organization
Ability to work in a fast paced, performance / quality driven environment
Strong organizational, consultative and collaboration skills
Ability to build and maintain effective working relationships with all levels of management and staff
Strong knowledge and understanding of business needs, with the ability to establish and maintain a high level of customer trust and confidence in the security team's concern for customers
All US locations will be considered for this position
Ability to support large and complex BHGE organization, which includes Downstream & Unconventional Products & Services, Drilling & Surface, Lufkin, Measurement & Control, PII Pipeline Solutions, Subsea Systems, and Turbomachinery Products & Services
Locations: United States; Alabama, Alaska, Arizona, Arkansas, California, Colorado, Connecticut, Delaware, District of Columbia, Florida, Georgia, Hawaii, Idaho, Illinois, Indiana, Iowa, Kansas, Kentucky, Louisiana, Maine, Maryland, Massachusetts, Michigan, Minnesota, Mississippi, Missouri, Montana, Nebraska, Nevada, New Hampshire, New Jersey, New Mexico, New York, North Carolina, North Dakota, Ohio, Oklahoma, Oregon, Pennsylvania, Rhode Island, South Carolina, South Dakota, Tennessee, Texas, Utah, Vermont, Virginia, Washington, West Virginia, Wisconsin, Wyoming; Houston, all U.S. cities, remote
We are in the process of transitioning to an improved job application system and in the interim we are operating with two systems. Have your Job ID ready (from the email you received when you applied) to log in and check your application status.
Click the appropriate button. If you don't know your job ID, you can still check your status: use both buttons.