General Electric Staff Risk Analyst in Atlanta, Georgia

Role Summary:

The Staff Risk Analyst will be responsible for leading, designing, developing and, implementing and automating solutions to enhance the information security assessment and threat management program to address the current and evolving security risks facing GE Power. This role requires developed and strong foundational skills and knowledge of relevant technologies in the development, automation for the Risk & Compliance space.

Essential Responsibilities:

You will be a member of an integrated team working to deliver successful outcomes around automation, risk & compliance and data analytics. This role will report to the GE Power Director - Cyber Security.

In this role, you will:

  • Define and execute Cybersecurity & Technology risk management programs for GE Power.

  • Identify simplification and automation opportunities that support the GE Power Risk Assessment program providing end-to-end execution of business risk assessments focusing on identification and mitigation of risks in legacy business, joint ventures, supplier collaboration, and engineering lab environments.

  • Responsible for GE Digital Risk & Compliance data analytics and operational performance dashboards

  • Provide regular program updates to upper Management and Business Application Owners

  • Establish and maintain relationships with stakeholders including regional CIOs, and global IT security and compliance leaders to identify risk and mitigation strategies in the support of several of the following areas…Joint Ventures; Acquisitions; Divestitures; Supplier Assessments; Security Questionnaires, either Customer or Contract related.

  • Shares knowledge of best practices and policies for information security with colleagues.

  • Demonstrates the commitment to customer service by providing responsive and effective support, developing solid working relationships with colleagues, and delivering high quality, value-added services that exceed expectations.

  • Performs other duties as assigned by appropriate personnel Qualifications/Requirements: Basic Qualifications:

  • Bachelor’s Degree in Computer Science or in “STEM” Majors (Science, Technology, Engineering and Math) or Information Technology

  • A minimum of 6 years of professional experienceEligibility Requirements: (Country Requirements)

  • Legal authorization to work in the U.S. is required for US locations.

  • Must be willing to travel 10% of the time

  • Must be willing to work out of a GE Power office. Desired Characteristics:

  • 3+ years performing IT audits, security audits, risk assessments, vulnerability, and/or penetration testing engagements

  • CISA, CISSP, CISM, or other relevant certifications (or relevant proven work experience)

  • Strong oral and written communication skills – able to communicate appropriately to technical and management audience in a clear and succinct manner and effectively evaluates information / data to make decisions

  • Risk analysis background and familiar with cyber threat identification and mitigation.

  • Strong in-depth technical knowledge in security engineering, computer and network security, strong authentication and security protocols

  • Collaborates well with others to solve problems and actively incorporates input from various sources

  • Experience developing and executing project plans

  • Hold a CISA, CISSP, CISM, or other relevant certification OR possess a minimum of 2 years of experience in IT audit/risk/security or IT project management.

  • Familiar with industry regulations (SOX, GDPR, Export Control)

  • Knowledge and experience preparing IT controls-related audit documentation and validating to the UK SPF (DEFCON 658, DEFSTAN 05-138), PCI, COBIT, NIST, ITIL and ISO frameworks

  • Have exposure to network security solutions, i.e. IDS, IPS, Qualys, DLP, Firewalls etc.

  • Familiar with Splunk, SiSense and ServiceNow a plus.

  • Knowledge of or experience in Agile methodology and concepts

  • Green Belt Certified or equivalent Quality Training (GE Employees ONLY)

  • Experience in the Information Management (IM) Compliance or Security Fields

  • Strong leadership, influencing and team building skills

  • Ability to develop and maintain effective client relationships

  • Comfortable and effective working in areas that require rapid problem solving – continuous learner#DTR About Us: GE is the world's Digital Industrial Company, transforming industry with software-defined machines and solutions that are connected, responsive and predictive. Through our people, leadership development, services, technology and scale, GE delivers better outcomes for global customers by speaking the language of industry. GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is an Equal Opportunity Employer at http://www.ge.com/sites/default/files/15-000845%20EEO%20combined.pdf . Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law. Locations: France, India, United Kingdom, United States; Georgia; Atlanta, Schenectady, Greenville, New OrleansGE will only employ those who are legally authorized to work in the United States for this opening.