General Electric Staff Product Security Leader in Atlanta, Georgia
We are looking for a Staff Product Security Leader to work with Power Utility Customers and GE teams comprised of Commercial Operations & Pre-Sales, Product Management, Sourcing, Software Engineering, Infrastructure/Platform, Project Deployment, and Maintenance & Support teams to continue enhancing our end-to-end Product Security Program. This role will blend strong technical expertise and program management skills.
The Cyber Security Product Expert role is a “thought leader” in the Digital Energy Cyber Security team. The Cyber Security Product Expert demonstrates leadership by supporting customer security efforts, supervising the development of reference architecture across key Digital Energy product lines, and supporting our project & services teams in their efforts to deliver secure solutions.
In this role, you will:
• Work with a global utility & telco customer install base to protect Critical Infrastructure in a time of Digital Transformation and cyber warfare
• Define common security infrastructure configuration based on global industry security standards such as NERC CIP, EU NIS Directive, ASD8, CIS20, NIST, and others, for the new Digital Energy modular, container-based product infrastructure
• Work with our DevOps team to ensure a truly Secure DevOps model as it relates to product code and delivery, including package signing, transmittal, etc.
• Provide customer confidence by quickly responding to industry-wide branded bugs / attacks, such as Spectre/Meltdown or WannaCry, as well as drive any reported product vulnerabilities to closure
• Stay current on industry cyber trends by monitoring news, reading standards, attending cyber conferences, etc.
• Present GE’s vision and take on industry trends at customer forums and industry events
• Respond to customer Requests for Proposals and review Cyber Terms & Conditions associated with customer projects
• Bachelor’s Degree from an accredited institution in Information Security, Computer Science or Engineering
• Minimum of 7 years of progressive cyber security experience in Industrial Control Systems, ideally Grid Control Systems such as EMS, DMS, OMS, DERMs, etc., based on firm technical foundation and experience in this area
• Legal authorization to work in the U.S. is required. We will not sponsor individuals for employment visas, now or in the future, for this job
• Must be willing to travel domestically and internationally
• Must be willing to work out of an office located in Melbourne, FL, US, Atlanta, GA, US, Denver, CO, US, or Redmond, WA, US
• Strong technical security background in one or more of the following: Enterprise Linux, Windows, Docker containers, Kubernetes, Networking
• Intimately familiar with Cyber Security standards and how they are applied to Grid Control Systems
• Strong influence, facilitation, and interpersonal skills.
• Ability to support multiple projects simultaneously in a matrix management environment.
• Green Belt certified (GE employees only)
• GICSP certification
• Experience with Cyber Security certifications, such as SOC2 and/or ISO27001
• Experience creating and implementing standards, policies, procedures and practices for large enterprises
• Ability to effectively communicate with customers, engineering leaders and internal stakeholders
• Strong Leadership Skills
• Must be available for on call for potential security response
• Knowledge of application risk identification and evaluation techniques
• Knowledge of Cyber Security and full knowledge of multiple related engineering functions
• Ability to work independently
• Experience and ability to work in a global disperse team
GE drives the world forward by tackling its biggest challenges. By combining world-class engineering with software and analytics, GE helps the world work more efficiently, reliably, and safely. GE people are global, diverse and dedicated, operating with the highest integrity and passion to fulfill GE’s mission and deliver for our customers. www.ge.com
GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is an Equal Opportunity Employer at http://www.ge.com/sites/default/files/15-000845%20EEO%20combined.pdf . Employment decisions are made without regard to race, color, religion, national or ethnic origin, gender (including pregnancy), sexual orientation, gender identity or expression, age, disability, veteran status or any other characteristics protected by law.
Locations: United States; Colorado, Florida, Georgia, Washington; Atlanta, Melbourne, Denver, Redmond
GE will only employ those who are legally authorized to work in the United States for this opening.