Job Description Summary
We are looking for a Senior Staff Incident Responder to join our growing team, planning, preparing, hunting for, and responding to cyber incidents stemming from internal and external threat actors. Demonstration of leadership abilities across threat environments as well as a strong comprehension of cloud security, malware, emerging threats and calculating risk will be critical to success.
Job Description
This role includes the oversight, coordination, communication and management of incident response and remediation of Cyber Security incidents, reporting to the Director of Detection and Incident Response at GE Aerospace. This role is a cyber security Incident Responder driven to create and implement enterprise-class response strategies, with a focus on identifying and driving future-state direction of the Response program at GE Aerospace, working with GE’s global CIRT team. The role includes managing Aviation’s response program, identifying process improvements, defining measurements, conducting operational reviews and aligning with business objectives around key risk reduction. Demonstration of leadership abilities, strong verbal and written capability, as well as a strong comprehension of emerging threats, defensive technologies and response methodologies is critical.
Qualifications/Requirements:
Bachelor’s degree from accredited university or college with minimum of 5 years of professional experience OR Associates degree with minimum of 8 years of professional experience OR High School Diploma with minimum of 10 years of professional experience
Minimum 5 years of professional experience in Cyber
Note: Military experience is equivalent to professional experience
Eligibility Requirement:
Legal authorization to work in the U.S. is required. We will not sponsor individuals for employment visas, now or in the future, for this job.
Ability to obtain and maintain a US Government SECRET security clearance
Desired Characteristics:
The best candidates for the role work well with other people and have strong verbal and written communication skills, a sense of diplomacy, and decision-making skills to handle the often fast-paced role of an incident handler.
• Experience with Network Security Monitoring, SIEM and/or response related activities
• Experience with host-centric detection & response skills, as well as process automation
• Detailed understanding of APT, Cyber Crime and other associated tactics
• Professional experience with Cyber Security, Operations Security
• Experience with host-based detection and prevention suites (McAfee EPO, OSSEC, Yara, MIR, CarbonBlack, Tanium, etc.)
• Experience with host-centric tools for forensic collection and analysis (SleuthKit, Volatility Framework, FTK, Encase, etc.)
• Experience with Network Forensics and/or Network Security Monitoring (NSM) tools (Snort, Bro-IDS, PCAP, tcpdump, etc.) and analysis techniques (alert, flow/session and PCAP analysis)
• Experience with malware and reverse engineering (Dynamic and static analysis)
• Strong IT infrastructure background including familiarity with the following:
• Networking (TCP/IP, UDP, Routing)
• Applications (HTTP, SMTP, DNS, FTP, SSH, etc.)
• Encryption (DES, AES, RSA) and hashing algorithms (MD5, SHA-1, etc.)
• System/Application vulnerabilities and exploitation
• Operating systems (Windows, *Nix, and Mac)
• Cloud technology (SaaS, IaaS, PaaS) and associated digital forensics and incident response techniques
• CISSP, CISM or related SANS certifications preferred
• Working knowledge of secure communication methods, including Secure Shell, S/MIME and PGP/GPG
• Lead technical projects of cloud-based digital security, incident detection and response
• Specialize in designing and building automation utilizing native cloud services
• Perform daily response operations with a schedule that may involve nontraditional working hours - act as escalation point and subject matter expert during AWS cloud incidents
• Build, test and tune custom automation, aiding in the efficiency of our response capabilities
This role requires access to U.S. export-controlled information. If applicable, final offers will be contingent on ability to obtain authorization for access to U.S. export-controlled information from the U.S. Government.
Additional Information
GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.
GE will only employ those who are legally authorized to work in the United States for this opening. Any offer of employment is conditioned upon the successful completion of a drug screen (as applicable).
Relocation Assistance Provided: No
LI-Remote - This is a remote position