General Electric Sr Manager - Cyber Security in Chicago, Illinois
We are looking for an experienced information security practitioner to drive continuous improvement and maturity in cybersecurity practices across the GE Transportation enterprise. In this role, you will initiate and lead efforts to increase the efficacy of security controls and operations, and drive the standardization of secure engineering and development practices in GE Transportation products.
As Sr. Manager, Cyber Security, you will lead GE Transportation interactions with customers, industry organizations, and regulators around security and cyber risk. You will work with commercial leaders on customer opportunities, and ensure GE Transportation maintains a strong security relationship with strategic customers. This position blends a need for strong technical and engineering expertise with demonstrable program management and customer relationship skills.
This role reports to Chief Information Security Officer, GE Transportation
You are an experienced and skilled security professional who enjoys both the technical details of architecture and security engineering, as well as collaboration with senior business and customer leadership.
In this role, you will:
Create and maintain business-wide cybersecurity design, development, and engineering policies and procedures
Create and track KPIs that quantify cyber risk and compensating controls, including vulnerability and patch management. Use these KPIs to drive meaningful reductions in risk
Lead customer interactions around security and privacy, including representing GE Transportation at industry exercises, customer meetings and audits, etc.
Lead adoption, compliance, and certification efforts around NIST CSF/800-53, ISO 27001, GDPR, and other relevant frameworks and legislation.
Supervise implementation and adherence to cyber policies and standards, including leading Product Release Readiness Reviews, system certification processes, IAM and DLP reviews and exceptions, and vulnerability management processes. Drive effective exception processes.
Regularly brief CISO, CDO, CIO, and others on progress across cyber initiatives.
Help Commercial and Legal teams understand and approve contract terms for security and privacy.
Expedite completion of customer security questionnaires.
Bachelor's Degree in Computer Engineering or in a STEM major (Science, Technology, Engineering, or Math) and/or a minimum of 4 years of equivalent experience
A minimum of 4 years of experience in security development life cycle
A minimum of 4 years of experience with development team(s) that delivered software based services
Legal authorization to work in the U.S. is required. We will not sponsor individuals for employment visas, now or in the future, for this job
Must be willing to travel up to 15%
Experience with cyber security framework (NIST 800-53, ISO 27001, IEC 62443, etc.) implementation and governance
Program and Project Management experience; expertise with Agile development teams
Knowledge of CI/CD and automation tools (Chef, Git, Jenkins)
Knowledge of Identity management and identity federation
Must be available for on call for potential security response
Knowledge of application risk identification and evaluation techniques
Knowledge of Cyber Security and full knowledge of multiple related engineering functions
Experience with broad set of information security technologies and processes within a SaaS, IaaS, PaaS, or cloud environment
GE is the world's Digital Industrial Company, transforming industry with software-defined machines and solutions that are connected, responsive and predictive. Through our people, leadership development, services, technology and scale, GE delivers better outcomes for global customers by speaking the language of industry.
GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is an Equal Opportunity Employer at http://www.ge.com/sites/default/files/15-000845%20EEO%20combined.pdf . Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.
Locations: United States; California, Illinois, Pennsylvania; Chicago, San Ramon, Erie, Remote
GE will only employ those who are legally authorized to work in the United States for this opening.