GE Jobs

Job Information

General Electric Senior Cyber Investigator in Wilmington, North Carolina

Job Description Summary

The Senior Cyber Investigator will be responsible for identifying, tracking, and analyzing digital security threats and leveraging response strategies as part of the operations leadership team across the network, endpoint, email, cloud, and identity areas, playing an integral role in defending against adversarial activity. The ideal candidate will work cross-functionally with analysts from different parts of the organization, and their analytic insights will be applied to make GE and its users more secure.

Job Description

Roles and Responsibilities:

In this role, you will:

  • Specialize in network-centric analysis (NSM), host-centric analysis (live response, digital forensics), malware analysis, and log-centric analysis (SIEM)

  • Perform daily response operations on a schedule that may involve nontraditional working hours

  • Curate signatures, tune systems/tools, and develop scripts and correlation rules

  • Analyze host and network forensic artifacts and identify patterns and behaviors related to threat actors

  • Lead technical aspects of incident detection and response

  • Mentor and train incident responders and incident responder specialists

  • Build sustainable identification and investigative processes and workflows

  • Assist in the development and execution of the detection analytics capabilities within the insider threat program, including risk scoring models, thresholds, baselines, key indicators, and reporting

  • Execute risk-based analysis of insider events and report on potential threats & vulnerabilities

  • Possess proven knowledge of cyber adversary tactics, techniques, and procedures (TTPs)

  • Demonstrated ability to synthesize tactical information into strategic reporting

  • Perform daily response operations with a schedule that may involve occasional nontraditional working hours

  • Lead knowledge sharing initiatives with partner organizations in DFIR-focused spaces

Qualifications/Requirements:

  • Bachelor's Degree in Computer Science or “STEM” Majors (Science, Technology, Engineering and Math)

  • Minimum 5 years of related professional experience

Additional Eligibility Qualifications:

  • GE will only employ those who are legally authorized to work in the United States for this opening. Any offer of employment is conditioned upon the successful completion of a drug screen (as applicable). This role is restricted to U.S. persons (i.e., U.S. citizens, permanent residents, and other protected individuals under the Immigration and Naturalization Act, 8 U.S.C. 1324b(a)(3)) due to access to export-controlled technology. GE will require proof of status prior to employment.

Desired Characteristics:

  • Working knowledge of various operating systems (Microsoft Windows, Linux, MacOS, Android, etc.)

  • Working knowledge of TCP/IP protocols, network analysis, packet capture, routing/switching, network segmentation, network/system/host level operating principles, and security controls.

  • Working knowledge of various relational database technologies (Microsoft SQL, MySQL, Oracle, etc.)

  • Working knowledge of various security methodologies, processes, and technical security solutions (e.g. Firewalls, Intrusion Detection/Prevention systems, Access Control Lists, Network Segmentation, SIEMs, Auditing/Logging and Identity & Access Management solutions, etc.)

  • Detailed understanding of CND-based analytical models (Kill Chain, ATT&CK, Pyramid of Pain, etc.)

  • Understanding of APT, Cyber Crime and other associated tactics

  • Understanding of host forensics and network analysis techniques and tools

  • Understanding of malware and reverse engineering

  • Understanding of vulnerabilities, vulnerability management, remediation, scoring / prioritization, and implementation techniques.

  • Experience responding to cyber security incidents

  • Experience in scripting languages such as PowerShell, VBScript, Bash, Python, or Ruby

  • Experience using or supporting MacOS and Windows OS on end user workstations

  • Strong written, verbal, analytical and organizational skills, and the ability to speak confidently when dealing with internal constituents

  • General knowledge of cloud-based technologies and cloud security architecture basics.

  • Process oriented, capable of documenting guidelines, policies and procedures within work area

  • Ability to identify risk areas for potential data loss exposures

  • Experience in working with Agile methodologies

  • Working knowledge of data protection tools such as Digital Guardian, Symantec, Intel Security (McAfee), Websense, or Proofpoint

  • Working knowledge of database connectivity and data integration methods using Microsoft SQL, MySQL, HQL, KQL, and Splunk

  • Working knowledge of how authentication, authorization, and access management systems function.

  • Ability to clearly articulate technical concepts/issues to both technical and non-technical peers and management

  • Knowledge of recognized IT Security-related standards and technologies

  • Strong interpersonal, analytical, organizational, written and verbal communication skills

  • Demonstrated ability to communicate in a team-based setting

  • Experience with logging and analytics applications such as Digital Guardian, Symantec, Splunk, RSA Archer, Exabeam, Securonix, Hadoop, or SOF-ELK

  • Experience in data modeling

  • CISSP, OSCP or Network+, Security+, CEH or related SANS, or vendor specific (e.g. CISCO, Microsoft, RedHat, AWS, etc.) certifications are a plus

  • Understanding of responding to threats in cloud platforms (AWS, Azure, Google, etc.)

  • Excellent verbal and written communication skills

  • Excellent organizational and analytical skills

  • Detail oriented with the ability to multi-task and prioritize efforts

Additional Information

GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is an Equal Opportunity Employer (https://assets.phenompeople.com/CareerConnectResources/GE11GLOBAL/en_global/desktop/assets/images/poster_screen_reader_optimized_w_supplement.pdf). Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.

Relocation Assistance Provided: No
