General Electric Staff Incident Responder in Houston, Texas
GE is the world's Digital Industrial Company, transforming industry with software-defined machines and solutions that are connected, responsive and predictive. Through our people, leadership development, services, technology and scale, GE delivers better outcomes for global customers by speaking the language of industry. Baker Hughes, a GE company (NYSE:BHGE) is the world’s first and only fullstream provider of integrated oilfield products, services and digital solutions. We deploy minds and machines to enhance customer productivity, safety and environmental stewardship, while minimizing costs and risks at every step of the energy value chain. With
operations in over 120 countries, we infuse over a century of experience with the spirit of a startup – inventing smarter ways to bring energy to the world.
GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is an Equal Opportunity Employer at http://www.ge.com/sites/default/files/15-000845%20EEO%20combined.pdf . Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.
The Staff Incident Responder will be part of a dynamic, growing team, planning, preparing, hunting for, and responding to cyber incidents stemming from internal and external threat actors. Demonstration of leadership abilities in a large corporate environment as well as a strong comprehension of malware, emerging threats and calculating risk will be critical to success. Finally, this role requires the ability to work with minimal direction from Incident Response and company leadership.
In this role, you will:
Lead technical aspects of digital security incident detection and response, focusing on very unstructured incidents and high-risk events.
Specialize in network-centric analysis (NSM), host-centric analysis (live response, digital forensics), malware analysis, and/or log-centric analysis (SIEM)
Perform daily response operations with a schedule that may involve nontraditional working hours - act as escalation points for Information Security Incident Analysts
Write signatures, tune systems/tools, and develop scripts and correlation rules
Mentor and train Event and Incident Analysts as required.
The best candidates for the role work well with other people and have strong verbal and written communication skills, a sense of diplomacy, and decision making skills to handle the often fast-paced role of an incident handler Qualifications/Requirements: Basic Requirements:
4 year degree in Computer Science or a related technical degree, or minimum of 5 years of IT experience
1+ years of experience detecting and responding to cyber intrusions in an Operations Technology environmentEligibility Requirements:
Legal authorization to work in the U.S. is required. We will not sponsor individuals for employment visas, now or in the future, for this job
Must be willing to work out of an office located in Houston Texas or US BHGE facility. Desired Characteristics:
The best candidates for the role work well with other people and have strong verbal and written communication skills, a sense of diplomacy, and decision making skills to handle the often fast-paced role of an incident handler
Strong verbal and written communication skills
Detailed understanding of APT, Cyber Crime and other associated tactics
Strong track record of understanding and interest in recognized IT and OT security-related standards and technologies, demonstrated through training, job experience and/or industry
Knowledge of and/or working on GE OT products
Professional experience with Cyber Security, Operations Security, Product Security, Industrial Control Systems (ICS), Information Assurance, and Information Technology
Experience with host based detection and prevention suites (McAfee EPO, OSSEC, Yara, MIR, CrowdStrike, Tanium, etc.)
Experience with host-centric tools for forensic collection and analysis (SleuthKit, Volatility Framework, FTK, Encase, etc.)
Experience with Network Forensics and/or Network Security Monitoring (NSM) tools (Snort, Bro-IDS, PCAP, tcpdump, etc.) and analysis techniques (alert, flow/session and PCAP analysis)
Experience with malware and reverse engineering (Dynamic and static analysis)
Strong IT infrastructure background including familiarity with the following:
Networking (TCP/IP, UDP, Routing)
Applications (HTTP, SMTP, DNS, FTP, SSH, etc.)
Operating systems (Windows, *Nix, and Mac)
Cloud technology (SaaS, IaaS, PaaS) and associated digital forensics and incident response techniques
CISSP, CISM or related SANs certifications preferred #DTR Locations: United States; Texas; HoustonGE will only employ those who are legally authorized to work in the United States for this opening.