General Electric Staff Incident Responder in Bengaluru, India
Role Summary: The Staff Incident Responder will be part of a dynamic, growing team, planning, preparing, hunting for, and responding to cyber incidents stemming from internal and external threat actors. Demonstration of leadership abilities in a large corporate environment as well as a strong comprehension of malware, emerging threats and calculating risk will be critical to success. Finally, this role requires the ability to work with minimal direction from Incident Response and company leadership.
Essential Responsibilities:
• Lead incident handling and recovery from cyber security events, such as malware, phishing, business-email-compromise, security researcher notifications, etc.
• Perform daily response operations on a rotating weekly schedule that may involve nontraditional working hours, especially during significant incidents
• Quickly research solutions to incidents to provide steps for containment and partial or full recovery
• Effectively communicate the nature and severity of an incident and the steps needed to recover from it
• Document your involvement in incidents in a clear, consistent method suitable for use in both knowledge management and incident notification briefs read by varied audiences (from technical staff to senior leadership)
• Contribute to and lead various improvement activities, such as onboarding new environments, onboarding new event sources, ensuring detection toolset coverage, building knowledge management systems, etc.
• Contribute to developing and maintaining KPIs, KRIs, SLAs, and other critical incident-response metrics
• The best candidates for the role work well with other people and have strong verbal and written communication skills, a sense of diplomacy, good decision-making skills, and self-awareness to escalate appropriately
Qualifications/Requirements:
• 4-year degree in Computer Science or a related technical degree, or a minimum of 5 years of IT experience
• 1+ years of experience detecting and responding to cyber intrusions in an Operational Technology environment
Desired Characteristics:
• The best candidates for the role work well with other people and have strong verbal and written communication skills, a sense of diplomacy, and decision-making skills to handle the often fast-paced role of an incident handler
• Strong verbal and written communication skills
• Working understanding of APT, Cyber Crime and other associated threat groups and their tactics
• Strong hands-on experience with Splunk including building and maintaining optimal Splunk environments
• Practical hands-on experience monitoring and responding to events in cloud-based environments such as Microsoft Azure and Amazon Web Services
• Practical hands-on experience implementing monitoring solutions based on cloud-based security solutions such as Azure Security Center and AWS CloudTrail, CloudWatch and GuardDuty
• Practical hands-on experience with endpoint detection & response toolsets such as Defender, McAfee, CrowdStrike Falcon, or Tanium
• Practical hands-on experience analyzing artifacts produced from digital forensics and incident response technologies
• Practical hands-on experience utilizing and implementing incident response platforms such as Resilient, TheHive, or RTIR
• CISSP, OSCP or related SANS certifications preferred
About Us: GE (NYSE:GE) drives the world forward by tackling its biggest challenges. By combining world-class engineering with software and analytics, GE helps the world work more efficiently, reliably, and safely. GE people are global, diverse and dedicated, operating with the highest integrity and passion to fulfill GE’s mission and deliver for our customers. www.ge.com
Additional Locations: India; Bengaluru