GE Careers
Apply Now    

Sr Product Security Analyst

  • GE Digital
  • Experienced
  • Posted 12/11/2017 1:49:26 PM
  • 3039654
  • Job Function: Digital Technology
  • Business Segment: Digital Technology
Location(s): United States; Michigan, Ohio, Virginia; Glen Allen, Van Buren, Cincinnati


About Us:
GE is the world's Digital Industrial Company, transforming industry with software-defined machines and solutions that are connected, responsive and predictive. Through our people, leadership development, services, technology and scale, GE delivers better outcomes for global customers by speaking the language of industry.

At GE Digital, we are creating technology and solutions to enable social, mobile, analytical and cloud capabilities
for the Industrial Internet. The Industrial Internet is an open, global network that connects people, data and
machines. It’s about making infrastructure more intelligent and advancing the industries critical to the world we
live in. At GE, we believe it’s about the future of industry—energy, healthcare, transportation, manufacturing. It’s
about making the world work better. GE is transforming itself to become the world's premier digital industrial
company, executing critical outcomes for our customers. Explore how you can drive greater asset reliability, lower
operating costs, reduce risk and accelerate operational performance with our Predix platform and software
solutions.
GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.

Role Summary:
We are looking for a Sr. Product Security Analyst, with a focus in vulnerability management and incident response capability. In this role you will work in a team to identify, risk rate, communicate and track product vulnerabilities and be a part of the product incident response team.

Essential Responsibilities:
  • You are a skilled Analyst who enjoys security work and is an expert in systems security, product / OT security and application security. In this role, you will be working with product managers, independent researchers, and in-house researchers to identify, rate, report and manage product vulnerabilities and incidents.

    In this role, you will:
    • Be able to scope and participate in vulnerability identification and vulnerability risk assessment
    • Engage in incident response methods; lead incident response processes related to product cyber
    • Create and track meaningful metrics around product cyber risk and compensating controls
    • Create vulnerability and incident trend analysis to improve product design
    • Engage and administer End Of Life processes for digital products
    • Help prepare reports at appropriate levels of confidentiality for stakeholders to view
    • Provide day-to-day case management for product vulnerabilities reported in GE products
    • Serve as a liaison to external parties, such as DHS, ICS, CERT, and other government agencies
    • Facilitate day-to-day communications with engineering teams regarding product security initiatives
    • Analyzing product spend and financial analysis in support of product management


  • Qualifications/Requirements:

    Basic Qualifications:

  • BS degree in Computer Engineering or in a STEM major (Science, Technology, Engineering, or Math). In lieu of degree, 5 years experience in cyber security, cyber intelligence or relevant military experience is acceptable.
  • Minimum 4 years experience in Emergency Management, Homeland
    Security and and Incident Command System disciplines.
  • Willingness to support response activities, with some on-call work.

  • Eligibility Requirements: (Country Specific)
  • Legal authorization to work in the U.S. is required. We will not sponsor individuals for employment visas, now or in the future, for this job
  • Must be willing to travel up to 15%
  • Must be willing to work out of an office located in Cincinnati, Ohio or Glen Allen, Virginia, Van Buren, MI


  • Desired Characteristics:
  • Experience with cyber security framework (NIST 800-53, ISO 27001, IEC 62443, etc.) implementation and governance
  • Program and Project Management experience; expertise with Agile development teams
  • Experience with secure coding principles; code signing; secure boot
  • Experience with penetration testing and ethical hacking
  • Knowledge of CI/CD and automation tools (Chef, Git, Jenkins)
  • Knowledge of Identity management and identity federation (SAML, Oauth, SCIM, XACML)
  • Experienced in developing web services (SOAP/REST)
  • Must be available for on call for potential security response
  • Knowledge of application risk identification and evaluation techniques
  • Knowledge of Cyber Security and full knowledge of multiple related engineering functions
  • Experience securing applications within cloud platforms such as AWS, Azure and alike.
  • Experience with broad set of information security technologies and processes within a SaaS, IaaS, PaaS, or cloud environment
  • Excellent written and verbal communication skills
  • Ability to work in fast paced environments
  • Information sharing,
    synthesis and report development to support vulnerability and incident
    response
  • Vulnerability and
    Incident coordination
  • Process development in
    line with Incident Command System
  • Impact analysis
    reporting
  • Knowledge of
    project/program budgeting, tracking and reallocation to support commercial
    product management horizontal
  • #DTR



  • Locations: United States; Michigan, Ohio, Virginia; Glen Allen, Van Buren, Cincinnati

    GE offers a great work environment, professional development, challenging careers, and competitive compensation.  GE is an Equal Opportunity Employer.  Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.

    GE will only employ those who are legally authorized to work in the United States for this opening. Any offer of employment is conditional upon the successful completion​ of a background investigation and drug screen.


    Apply Now    
    Link for schema

    GE Careers Technical Assistance

    Having technical issues with ge.com/careers or your application? We're here to help.

    Get In Touch

    Connect With Us

    Stay up to date on GE and possible opportunities that open in areas that interest you.

    Sign Up