General Electric Incident Responder in Glen Allen, Virginia

Role Summary:

You will be part of a dynamic, growing team, planning, preparing, hunting for, and responding to cyber incidents stemming from internal and external threat actors. The best candidates for the role work well with other people and have strong verbal and written communication skills, a sense of diplomacy, and decision making skills to handle the often fast-paced role within the Cyber Incident Response Team.

Essential Responsibilities:

  • Specialize in network-centric analysis (NSM), host-centric analysis (live response, digital forensics), malware analysis, and log-centric analysis (SIEM)

  • Daily response operations with a schedule that may involve nontraditional working hours

  • Write signatures, tune systems/tools, and develop scripts and correlation rules

  • Analyze host and network forensic artifacts and identify patterns and behaviors related to threat actors Qualifications/Requirements: Basic Qualifications:

  • Bachelor's Degree in Information Technology or a similar field or 4 years of Information Technology experience.

  • Minimum of 1+ year(s) of Cyber Security related experience.Eligibility Requirements:

  • Legal authorization to work in the US is required. GE may agree to sponsor an individual for an employment visa now or in the future if there is a shortage of individuals with particular skills. Desired Characteristics:

  • Cyber security related certifications preferred.

  • Strong verbal and written communication skills

  • Basic understanding of APT, Cyber Crime and other associated tactics

  • Experience with endpoint detection and response (EDR) suites (CrowdStrike, McAfee EPO, OSSEC, Yara, MIR, CarbonBlack, Tanium, etc.)

  • Experience with host-centric tools for forensic collection and analysis (SleuthKit, Volatility Framework, FTK, Encase, etc.)

  • Experience with Network Forensics and/or Network Security Monitoring (NSM) tools (Snort, Bro-IDS, PCAP, tcpdump, etc.) and analysis techniques (alert, flow/session and PCAP analysis)

  • Basic understanding of malware and reverse engineering (Dynamic and static analysis)

  • IT infrastructure background including familiarity with the following:

  • Networking (TCP/IP, UDP, Routing)

  • Applications (HTTP, SMTP, DNS, FTP, SSH, etc.)

  • Encryption (AES, RSA, Diffie-Hellman, etc.) and hashing algorithms (MD5, SHA, etc.)

  • System/Application vulnerabilities and exploitation

  • Operating systems (Windows, *Nix, and Mac)

  • Cloud technology (SaaS, IaaS, PaaS) and associated digital forensics and incident response techniques

  • CISSP, CISM or related SANs certifications preferred

  • Working knowledge of secure communication methods, including Secure Shell, S/MIME and PGP/GPG#DTR About Us: GE is the world's Digital Industrial Company, transforming industry with software-defined machines and solutions that are connected, responsive and predictive. Through our people, leadership development, services, technology and scale, GE delivers better outcomes for global customers by speaking the language of industry. GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is an Equal Opportunity Employer at http://www.ge.com/sites/default/files/15-000845%20EEO%20combined.pdf . Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law. Locations: United States; Virginia; Glen AllenGE will only employ those who are legally authorized to work in the United States for this opening.