General Electric Staff Cyber Security Researcher in Schenectady, New York
Job Description Summary
GE Gas Power values cybersecurity team as an important line of defense against protecting our sensitive data from cyber attack. In this role, you’ll proactively prevent breaches of all sizes. You will work with cross-functional teams to and perform application security management by facilitating and supporting security assessments of applications and other software and determine how to make our systems more secure. Consult and support software development processes and teams to ensure a secure coding platform, security scans are performed during development and after release on a regular basis. Work across teams to remediate defects and vulnerabilities. Introduce new technologies as a layered defense. Consult and support development teams and develop needed training programs for developers to learn how to develop software securely. Establish best practice and standards.
Essential Responsibilities :
Work with development and cross-functional teams to ensure they are meeting and adhering to secure software development practices including secure code repository, code scanning for security vulnerabilities, open source scanning, threat modeling, penetration testing, dynamic and static testing.
Establish Key Performance Indicators to measure the overall application security.
Improve application security and secure software development by updating policies, standards, guidelines and requirements to thwart and protect against new threats.
Develop training to improve skills of developers in writing secure code.
Participate in and support application security reviews and threat modeling.
Recommend and develop security measures to protect information against unauthorized modifications or loss of data.
Coordinate with development teams or third parties to fix systems/application vulnerabilities.
Ensure steps of the software development lifecycle (SDLC) follows security best practices and adhering to secure coding principles and aid in testing the application against security risks/parameters before release.
Identify new technologies to protect against application/system vulnerabilities as a layered defense.
- Bachelors degree from an accredited University. Minimum of 5 years experience in Cyber Security or Software Development
Desired Characteristics :
Exceptional expertise with OWASP, statis/dynamic analysis and common security tools.
Basic understanding of network and web related components and protocols.
Experience working with developers and basic development or scripting experience
Familiarity with common security libraries, security controls and common security flaws.
Exceptional expertise with OWASP
Experience working with developers
Demonstrated experience maintaining organizational satisfaction, quality and performance.
Leadership in proactively driving out vulnerabilities.
Experience with development life cycles and tools to automate
GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is an Equal Opportunity Employer (https://assets.phenompeople.com/CareerConnectResources/GE11GLOBAL/en_global/desktop/assets/images/poster_screen_reader_optimized_w_supplement.pdf) . Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.
GE will only employ those who are legally authorized to work in the United States for this opening. Any offer of employment is conditioned upon the successful completion of a drug screen (as applicable).
As a federal government contractor, GE may in the future be required to have U.S. employees fully vaccinated against COVID-19. Some GE customers currently have vaccination mandates that may apply to GE employees.
Relocation Assistance Provided: No