General Electric Incident Responder - Identity Intelligence in Glen Allen, Virginia
Job Description Summary
We are adding an Identity Intelligence analyst to our Content Development team, driving efforts within the GE-CIRT organization to create detections tailored to the identity and authentication spaces within the GE enterprise network. This role will develop and implement new detections and behaviors to help identify suspicious and malicious behaviors so that they may be raised to investigators.
You are a rising junior-to-midlevel analyst in the Incident Response space driven to create and implement enterprise-class identity detection analytics, with a focus on identifying and driving future-state direction of GE-CIRT’s Identity Intelligence program at global scale. This role includes the development and correlation of detection capabilities across multiple data sources, including the network, host, cloud, and identity intelligence (I2) spaces. The candidate will collaborate with multiple teams on a regular basis, including GE-CIRT’s hunt and incident response groups.
In this role, you will:
- Strive to mature GE’s identity threat detection program
- Identify opportunities to optimize and correlate detection methodologies in the identity space
- Build sustainable identification and investigative processes and workflows
- Lead knowledge sharing initiatives with partner organizations in DFIR-focused spaces
- Lead large scale individual and matrixed initiatives as directed by Management
- Identify and develop correlations across authentication domains to produce identity threat intelligence
- Bachelor’s Degree in Computer Science or “STEM” Majors (Science, Technology, Engineering and Math) plus a minimum 2 years professional work experience OR a high school diploma/GED and 6 years of professional work experience.
GE will only employ those who are legally authorized to work in the United States for this opening. We will not offer visa sponsorship now or in the future for this role.
Any offer of employment is conditioned upon the successful completion of a drug screen (as applicable).
A strong candidate will have expertise in several of the following areas:
- Expertise in working with large data sets in large environments to develop detection analytics
- Experience using Splunk (and SPL), ELK, or similar indexing tools to investigate threats
- Knowledge of SAML 2.0, PKI, and federated environment architectures
- Experience responding to cyber security incidents
- Hands-on scripting / programming experience (Python, PowerShell, etc.)
- Prior experience with Preempt, Ping One, Identity Protection Center, Defender for Identity
- Experience working with cloud technologies (AWS, Azure, SaaS, etc.)
- CISSP, OSCP or related SANS certifications preferred
- Understanding of APT, Cyber Crime and other associated cyber threat tactics
- Experience in the threat intelligence space, including applying or creating intelligence-driven threat actor profiles
GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is an Equal Opportunity Employer (https://assets.phenompeople.com/CareerConnectResources/GE11GLOBAL/en_global/desktop/assets/images/poster_screen_reader_optimized_w_supplement.pdf). Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.
Relocation Assistance Provided: No