Atlanta, Greenville, Schenectady, Cincinnati
India, United States
The Staff Cyber Security Researcher will be part of a growing security team dedicated to the protecting our products and customers from the increasing risk and impact of cyber-attack on critical infrastructure in the power industry. With the growth of digital connectivity, our customers attack surface is expanding exponentially; at GE we are taking an aggressive role in building products and services used in ours defense strategies against the consequences of a cyber related attack.
In this role you will have responsibility for performing product security assessments for Power engineering, presenting results to engineering and participating in remediation activities. Responsibilities can include technical assessment, product design considerations, compensating controls, field deployment and site commissioning of GE Power products. You will have frequent interaction with cyber experts from across the Digital Technology and Power organization as well and design and requisition engineers responsible for system integration and deployment that delivers customer and business results.
In this role you will:
· Perform and participate in hardware and software penetration tests, vulnerability assessments and vulnerability risk assessment
· Engage with Power business domain experts in implementing cyber risk reduction strategies
· Create and track metrics around product cyber risk and compensating controls
· Engage and lead End Of Life processes and strategies for products
· Architect on security requirements and utilize best practices to meet them
· Engage in application and domain-specific threat modeling and attack surface analysis/reduction
· Prepare and lead discussion on remediation strategies with Power business engineers and leaders
· Responding promptly and in detail to customer-sponsored penetration tests
· Evaluate and recommend new and emerging security products and technologies
· BS degree or higher in Engineering or in a STEM major (Science, Technology, Engineering, or Math)
· Minimum of 6 years Engineering experience, preferably Power Business
· 1+ years of experience and awareness with IT or OT cyber background in design, detection, response
· Legal authorization to work in the U.S. is required. We will not sponsor individuals for employment visas, now or in the future, for this job
· Limited travel may be required
· Must be willing to work out of an office location: Atlanta, Greenville, Schenectady, Cincinnati
· Experience working in a matrixed organization
· Understands technical and business discussions relative to future products aligning with business.
· Experience with product application and/or systems security
· Experience with interrogation tools such as Nessus, Burp Suite, and Scapy
· Ability to read and write software used for product security assessments in Python, Java, or C/C++
· Ability to decompose product architecture and design in software or hardware
· Ability to identify security flaws without source code through binary analysis, reverse engineering, or debugging running products
GE is the world's Digital Industrial Company, transforming industry with software-defined machines and solutions that are connected, responsive and predictive. Through our people, leadership development, services, technology and scale, GE delivers better outcomes for global customers by speaking the language of industry.
GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is anEqual Opportunity Employer . Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.
Additional Eligibility Qualifications
GE will only employ those who are legally authorized to work in the United States for this opening.