General Electric Staff Cyber Investigator in Van Buren Township, Michigan

Role Summary:

Staff Cyber Investigator will perform a variety of highly technical analyses dealing with the collection, processing, preservation, analysis, and presentation of computer related evidence. They will be part of a dynamic, growing team, planning, preparing, hunting for, and responding to incidents stemming from internal threat actors. Demonstration of leadership abilities in corporate environment as well as a strong comprehension of emerging threats and calculating risk will be critical to success

Essential Responsibilities:

  • Preserve and analyze data from electronic data sources, including laptop and desktop computers and mobile devices

  • Utilize digital forensic tools (EnCase, AccessData, Forensic Toolkit, Cellebrite, Blackbag, etc.) and investigative methods to find evidence stored on a variety of digital media (laptops, desktops, and mobile devices)

  • Utilizing forensic tools and investigative methods to find specific electronic data, including internet use history, processing documents, images, and other files

  • Clearly document and communicate investigation findings to both technical and executive audiences

  • Receive and handle items of evidence, following procedures, rules of evidence and guidelines of computer forensics

  • Act as a technical lead during critical cyber security events and/or investigations

  • Support investigations in the form of reviewing server-based activity include email and internet logs

  • The best candidates for the role work well with other people and have strong verbal and written communication skills, a sense of diplomacy, and decision making skills to handle the often fast-paced role of an incident handler. Qualifications/Requirements: Basic Qualifications:

  • Degree in Computer Science or in “STEM” Majors (Science, Technology, Engineering and Math)

  • Minimum of 5 years of professional experience in IT, including at least 3 years experience in Incident Response, Computer Forensics and/ or Investigations

  • Minimum of one of the following certifications (CFCE, CHFI, GFCA, GCFE, CEH, EnCE, CCO or CBE)Eligibility Requirement:

  • Legal authorization to work in the U.S. is required. We will not sponsor individuals for employment visas, now or in the future, for this job. Desired Characteristics:

  • The best candidates for the role work well with other people and have strong verbal and written communication skills, a sense of diplomacy, and decision making skills to handle the often fast-paced role of an incident handler

  • Strong verbal and written communication skills

  • Demonstrated skill in digital forensics and evidence handling

  • Previous experience conducting internal investigations

  • Demonstrated work ethic with a passion for Cyber Security

  • Professional experience with Cyber Security, Information Assurance, and Information Technology

  • Experience with host based detection and prevention suites (McAfee EPO, OSSEC, Yara, MIR, CarbonBlack, Tanium, etc.)

  • Experience with host-centric tools for forensic collection and analysis (SleuthKit, Volatility Framework, FTK, Encase, etc.)

  • Experience with Network Forensics and/or Network Security Monitoring (NSM) tools (Snort, Bro-IDS, PCAP, tcpdump, etc.) and analysis techniques (alert, flow/session and PCAP analysis)

  • Experience with malware and reverse engineering (Dynamic and static analysis)

  • Strong IT infrastructure background including familiarity with the following:

  • Networking (TCP/IP, UDP, Routing)

  • Applications (HTTP, SMTP, DNS, FTP, SSH, etc.)

  • Encryption (DES, AES, RSA) and hashing algorithms (MD5, SHA-1, etc.)

  • System/Application vulnerabilities and exploitation

  • Operating systems (Windows, *Nix, and Mac)

  • Cloud technology (SaaS, IaaS, PaaS) and associated digital forensics and incident response techniques

  • CISSP, CISM or related SANs certifications preferred

  • Active US government security clearance or ability to obtain clearance

  • Working knowledge of secure communication methods, including Secure Shell, S/MIME and PGP/GPG#DTR About Us: GE is the world's Digital Industrial Company, transforming industry with software-defined machines and solutions that are connected, responsive and predictive. Through our people, leadership development, services, technology and scale, GE delivers better outcomes for global customers by speaking the language of industry. GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is an Equal Opportunity Employer at http://www.ge.com/sites/default/files/15-000845%20EEO%20combined.pdf . Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law. Locations: United States; Michigan, Ohio; CincinnatiGE will only employ those who are legally authorized to work in the United States for this opening.