General Electric Sr Incident Responder (Remote) in Glen Allen, Virginia
Job Description Summary
We are adding a Senior Incident Responder to our dynamic team, driving efforts within the GE-CIRT organization to hunt for cyber security threats to within the GE enterprise network. This role will develop and implement detection correlations across the host, network, identity and application spaces and play an integral role in investigating adversarial activity.
You are a rising analyst in the Incident Response or Technical Threat Intelligence space driven to grow into the threat hunting space, where you will create and implement enterprise-class threat hunting analytics, with a focus on identifying and driving future-state direction of GE-CIRT’s Hunt program at global scale. This role includes the development and correlation of detection capabilities across multiple data sources, including the network, host, cloud, and identity intelligence (I2) spaces. The candidate will work through security incidents and perform independent research to find new ways to surface identify and investigate suspicious behavior across a complex organization.
As a Sr. Incident Responder , you will:
Strive to mature the GE’s threat detection program.
Identify opportunities to optimize and correlate detection methodologies
Leverage extensive experience in threat detection, penetration testing, forensics response
Build sustainable identification and investigative processes and workflows
Lead knowledge sharing initiatives with partner organizations in DFIR-focused spaces
Lead large scale individual and matrixed initiatives as directed by Management
Mentor team members in technical/functional areas.
Sr. Incident Responder Qualifications/Requirements
- Bachelor’s Degree in computer science or a related technical degree and a minimum 4 years professional work experience OR a high school diploma and 8 years of professional work experience.
Sr. Incident Responder Eligibility Requirement
GE will only employ those who are legally authorized to work in the United States for this opening. We will not offer visa sponsorship now or in the future for this role.
Any offer of employment is conditioned upon the successful completion of a drug screen (as applicable).
Sr. Incident Responder Desired Characteristics
Expertise in working with large data sets to develop detection analytics
Experience responding to cyber security incidents
Detailed understanding of APT, Cyber Crime and other associated cyber threat tactics
Experience hands on scripting / programming experience (Python, Powershell, etc.)
Experience in Network Security Monitoring or investigation practices, with direct hands-on experience with one or more NSM related technologies (Suricata, Snort, Zeek, etc.)
Experience with endpoint IR technologies (e.g. CrowdStrike, Tanium, Windows Defender)
Experience working with cloud technologies (AWS, Azure, SaaS, etc.)
CISSP, OSCP or related SANS certifications preferred
Sr. Incident Responder Additional Qualifications:
Experience with malware analysis and reverse engineering
Experience in the threat intelligence space, including applying or creating intelligence-driven threat actor profiles
GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is an Equal Opportunity Employer (https://assets.phenompeople.com/CareerConnectResources/GE11GLOBAL/en_global/desktop/assets/images/poster_screen_reader_optimized_w_supplement.pdf) . Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.
GE will only employ those who are legally authorized to work in the United States for this opening. Any offer of employment is conditioned upon the successful completion of a drug screen (as applicable).
Relocation Assistance Provided: No