About
Ge
Job Description
Role Summary:We are looking for a Sr Product Security Analyst, with a focus in vulnerability management and incident response capability. In this role you will work in a team to identify, risk rate, communicate and track product vulnerabilities and be a part of the product incident response team.
Essential Responsibilities:
Be able to scope and participate in hardware and software penetration tests, vulnerability identification and vulnerability risk assessment
Engage in incident response methods lead incident response processes related to product cyber
Create and track meaningful metrics around product cyber risk and compensating controls
Create vulnerability and incident trend analysis to improve product design
Maintain cyber Bills of Material and conduct proactive vulnerability monitoring and assessment on cyber components
Engage and administer End Of Life processes for digital products
Consult, architect on security requirements and utilize best practices to meet them
Engage in application and domain-specific threat modeling and attack surface analysis/reduction
Help prepare reports at appropriate levels of confidentiality for stakeholders to view
Responding promptly and in detail to customer-sponsored penetration tests
Provides guidance on automated testing tools and techniques
Qualifications/Requirements:
Basic Qualifications:
Bachelor's Degree in Computer Science or STEM majors (Science, Technology, Engineering, and Math) with a minimum of 4 years experience
Eligibility Requirements:
Legal authorization to work in the U.S. is required. We will not sponsor individuals for employment visas, now or in the future, for this job
Desired Characteristics:
Bachelor's Degree from an accredited institution in Information Security
Experience in progressive cuber security development experience - ideally in the power industry
Industry recognized software security certification (CSSLP, CISSP, CySa+, etc.)
Experience with accepted industry cyber security standards (NERC CIP, NIST 800-53, ISO 27001, etc.) implementation and governance
Experience implementing DevSecOps environments
Program and Project Management experience
expertise with Agile development teams
Experience with secure coding principles; code signing; secure boot
Experience with penetration testing and ethical hacking
Knowledge of CI/CD and automation tools (Chef, Git, Jenkins)
Ability to work independently
Knowledge of Identity management and identity federation (SAML, Oauth, SCIM, XACML)
Experienced in developing web services (SOAP/REST)
Must be available for on call for potential security response
Knowledge of application risk identification and evaluation techniques
Knowledge of Cyber Security and full knowledge of multiple related engineering functions
Experience securing applications within cloud platforms such as AWS or Azure
Experience with broad set of information security technologies and processes within a SaaS, IaaS, PaaS, or cloud environment
#DTR
About Us:GE (NYSE:GE) drives the world forward by tackling its biggest challenges. By combining world-class engineering with software and analytics, GE helps the world work more efficiently, reliably, and safely. GE people are global, diverse and dedicated, operating with the highest integrity and passion to fulfill GE's mission and deliver for our customers. www.ge.com
GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, gender (including pregnancy), sexual orientation, gender identity or expression, age, disability, veteran status or any other characteristics protected by law.
Additional Eligibility Qualifications:GE will only employ those who are legally authorized to work in the United States for this opening. Any offer of employment is conditioned upon the successful completion of a drug screen (as applicable).Additional Locations:United States;Washington, Wisconsin;Redmond, open to remote in Wisconsin;
About Ge
General Electric is a high-tech industrial company engaged in energy, healthcare, and transportation.