General Electric Sr Staff Vulnerability Management Advisor in Houston, Texas

Role Summary:

As part of BHGE’s Security and Risk organization, this individual will lead BHGE-wide Vulnerability Risk Management initiatives for Enterprise IT. These initiatives include a building and managing our risk and control evaluation processes across all BHGE assets, assessing our IT environments risks and maturity, and sustaining the program through measurement of Key Risk Indicators. This individual will also work to drive process enhancement, simplification and increased process visibility.

Essential Responsibilities:

In this role, you will:

  • Integrate vulnerability management controls across BHGE’s Critical Services, Applications, Infrastructure and other assets based on Risk and Control Self Assessments processes and self-risk reporting capabilities

  • Integrate assurance capabilities throughout risk management and IT control testing processes in support of identified risks

  • Provide risk assessment advisory services to the BHGE business lines across asset types

  • Coordinate stakeholders across BHGE businesses to socialize and drive change regarding IT controls and risk assessments

  • Develop and champion key risk treatment initiatives aligned to BHGE’s top IT risks Qualifications/Requirements: Basic Qualifications:

  • Bachelor’s Degree in Information Technology or in a STEM major (Science, Technology, Engineering, or Math)

  • At least 7 years experience in IT with at least 3 years’ experience with IT risk assessment, assurance or control testing processesEligibility Requirements:

  • Legal authorization to work in the U.S. is required. We will not sponsor individuals for employment visas, now or in the future, for this job

  • Any offer of employment is conditioned upon the successful completion of a background investigation and drug screen

  • Must be willing to work out of an office located in Houston Texas Desired Characteristics: Technical Expertise:

  • Experience auditing or testing regulatory requirements (e.g. HIPAA, PCI, FISMA, etc.)

  • Strong planning & project management skills

  • Exceptional communication skills with technical and non-technical communities

  • Proven ability to coordinate and influence large groups

  • Experience with Archer or similar GRC tools

  • Significant enterprise vulnerability management experience to include patch management and remediation activities in a large company

  • Experience with Dynamic Application Security Testing (DAST)

  • Previous Secure Development Lifecycle or Application Assessment experience

  • Hands-on experience with scanning tools including but not limited to Qualys, Rapid7, Nessus,

  • Familiarity with ServiceNow CMDB and Archer GRC tools

  • Security related certifications (i.e. CISSP, CEH, CISM, CISA, CSSLP, CCNP)

  • Experience with scripting languages (Python, Ruby, Perl) and BI tools (Tableau, SiSense)

  • Good analytical skills, attention to detail and ability to methodically troubleshoot complex issues

  • Excellent communication skills with the ability to manage vulnerability remediation efforts and constructively influence peers and leadership

  • Previous hands on experience in the information and cyber security field, specific to enterprise vulnerability management

  • Specific focus on vulnerability management for cloud service environments

  • Demonstration of leadership abilities as well as a strong comprehension of emerging threats

  • Deep capabilities in offensive / defensive technologies and agile response methodology will be critical to success

  • Some experience with Python and object-oriented software development practices in Python #DTR About Us: GE is the world's Digital Industrial Company, transforming industry with software-defined machines and solutions that are connected, responsive and predictive. Through our people, leadership development, services, technology and scale, GE delivers better outcomes for global customers by speaking the language of industry. GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is an Equal Opportunity Employer at http://www.ge.com/sites/default/files/15-000845%20EEO%20combined.pdf . Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law. Locations: United States; Texas; HoustonGE will only employ those who are legally authorized to work in the United States for this opening.