Wauwatosa, Chicago, Van Buren Township
Healthcare Digital Technology
Illinois, Michigan, Wisconsin
The Staff Incident Responder will be part of a dynamic, growing team, planning, preparing, hunting for, and responding to cyber incidents stemming from internal and external threat actors. Demonstration of leadership abilities in a large corporate environment as well as a strong comprehension of malware, emerging threats and calculating risk will be critical to success. Finally, this role requires the ability to work with minimal direction from Incident Response and company leadership.
In this role, you will:
· Lead technical aspects of digital security incident detection and response, focusing on very unstructured incidents and high-risk events.
· Specialize in network-centric analysis (NSM), host-centric analysis (live response, digital forensics), malware analysis, and/or log-centric analysis (SIEM)
· Perform daily response operations with a schedule that may involve nontraditional working hours - act as escalation points for Information Security Incident Analysts
· Write signatures, tune systems/tools, and develop scripts and correlation rules
· Mentor and train Event and Incident Analysts as required
· Develop, maintain, unify and simplify our compartmentalized log monitoring environments
· The best candidates for the role work well with other people and have strong verbal and written communication skills, a sense of diplomacy, and decision-making skills to handle the often fast-paced role of an incident handler
· 4 year degree in Computer Science or a related technical degree, or minimum of 5 years of IT experience
· 1+ years of experience detecting and responding to cyber intrusions in an Operations Technology environment
· Legal authorization to work in the U.S. is required. We will not sponsor individuals for employment visas, now or in the future, for this job
· Must be willing to travel 10%
· Must be willing to work out of an office located in Wauwatosa, WI, Chicago, IL, or Van Buren Township, MI or remote home office
· The best candidates for the role work well with other people and have strong verbal and written communication skills, a sense of diplomacy, and decision making skills to handle the often fast-paced role of an incident handler
· Strong verbal and written communication skills
· Detailed understanding of APT, Cyber Crime and other associated tactics
· Strong hands-on experience with Splunk including building and maintaining optimal Splunk environments
· Practical hands-on experience monitoring and responding to events in cloud-based environments such as Microsoft Azure and Amazon Web Services
· Practical hands-on experience implementing monitoring solutions based on cloud-based security solutions such as Azure Security Center and AWS CloudTrail, CloudWatch and GuardDuty
· Practical hands-on experience with one or more network security monitoring related technologies such as Security Onion, Snort, Bro, Sguil, Snorby, or Surricata
· Practical hands-on experience with endpoint detection & response toolsets such as McAfee, MIR, CarbonBlack, CrowdStrike Falcon, or Tanium
· Practical hands-on experience analyzing artifacts produced from digital forensics and incident response technologies
· Practical hands-on experience utilizing and implementing incident response platforms such as Resilient, TheHive, or RTIR
· Familiarity with and applicability of the Mitre ATT&CK framework
· CISSP, OSCP or related SANS certifications preferred
· Hands-on familiarity with static malware analysis techniques
GE is the world's Digital Industrial Company, transforming industry with software-defined machines and solutions that are connected, responsive and predictive. Through our people, leadership development, services, technology and scale, GE delivers better outcomes for global customers by speaking the language of industry.
GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is anEqual Opportunity Employer . Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.
Additional Eligibility Qualifications
GE will only employ those who are legally authorized to work in the United States for this opening.