GE Jobs

Job Information

General Electric Incident Responder - Identity Intelligence in Glen Allen, Virginia

Job Description Summary

We are adding an Identity Intelligence analyst to our Content Development team, driving efforts within the GE-CIRT organization to create detections tailored to the identity and authentication spaces within the GE enterprise network. This role will develop and implement new detections and behaviors to help identify suspicious and malicious behaviors so that they may be raised to investigators.

Job Description

You are a rising junior-to-midlevel analyst in the Incident Response space driven to create and implement enterprise-class identity detection analytics, with a focus on identifying and driving future-state direction of GE-CIRT’s Identity Intelligence program at global scale. This role includes the development and correlation of detection capabilities across multiple data sources, including the network, host, cloud, and identity intelligence (I2) spaces. The candidate will collaborate with multiple teams on a regular basis, including GE-CIRT’s hunt and incident response groups.

In this role, you will:

  • Strive to mature GE’s identity threat detection program.

  • Identify opportunities to optimize and correlate detection methodologies in the identity space

  • Build sustainable identification and investigative processes and workflows

  • Lead knowledge sharing initiatives with partner organizations in DFIR-focused spaces

  • Lead large scale individual and matrixed initiatives as directed by Management

  • Identify and develop correlations across authentication domains to produce identity threat intelligence

Qualifications/Requirements

  • Bachelor’s Degree in Computer Science or “STEM” Majors (Science, Technology, Engineering and Math) plus a minimum of 2 years of professional work experience OR a high school diploma/GED and 6 years of professional work experience.

Eligibility Requirement

  • GE will only employ those who are legally authorized to work in the United States for this opening. We will not offer visa sponsorship now or in the future for this role.

  • Any offer of employment is conditioned upon the successful completion of a drug screen (as applicable).

Desired Characteristics

A strong candidate will have expertise in several of the following areas:

Technical Expertise:

  • Expertise in working with large data sets in large environments to develop detection analytics

  • Experience using Splunk (and SPL), ELK, or similar indexing tools to investigate threats

  • Knowledge of SAML 2.0, PKI, and federated environment architectures

  • Experience responding to cyber security incidents

  • Hands-on scripting / programming experience (Python, PowerShell, etc.)

Additional Qualifications:

  • Prior experience with Preempt, Ping One, Identity Protection Center, Defender for Identity

  • Experience working with cloud technologies (AWS, Azure, SaaS, etc.)

  • CISSP, OSCP or related SANS certifications preferred

  • Understanding of APT, Cyber Crime and other associated cyber threat tactics

  • Experience in the threat intelligence space, including applying or creating intelligence-driven threat actor profiles

Additional Information

GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is an Equal Opportunity Employer (https://assets.phenompeople.com/CareerConnectResources/GE11GLOBAL/en_global/desktop/assets/images/poster_screen_reader_optimized_w_supplement.pdf). Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.

GE will only employ those who are legally authorized to work in the United States for this opening. Any offer of employment is conditioned upon the successful completion of a drug screen (as applicable).

Relocation Assistance Provided: No
