Sr Staff Incident Responder

Job Description

This role includes the oversight, coordination, communication and management of incident response and remediation of Cyber Security incidents reporting to the Director of Detection and Incident Response at GE Aerospace. This role is a cyber security Incident Responder driven to create and implement enterprise-class response strategies, with a focus on identifying and driving future-state direction of the Response program at GE Aerospace working with GE’s global CIRT team. The role includes managing Aviation’s response program, identification of process improvements, defining measurements, conduct operational reviews and align with business objectives around key risk reduction. Demonstration of leadership abilities, strong verbal, and written capability as well as a strong comprehension of emerging threats, defensive technologies and response methodologies is critical.
 

Qualifications/Requirements:

Bachelor’s degree from accredited university or college with minimum of 5 years of professional experience OR Associates degree with minimum of 8 years of professional experience OR High School Diploma with minimum of 10 years of professional experience

Minimum 5 years of professional experience in  Cyber

Note: Military experience is equivalent to professional experience

Eligibility Requirement:

-Legal authorization to work in the U.S. is required.  We will not sponsor individuals for employment visas, now or in the future, for this job.
Ability to obtain and maintain a US Government SECRET security clearance

Desired Characteristics:
The best candidates for the role work well with other people and have strong verbal and written communication skills, a sense of diplomacy, and decision making skills to handle the often fast-paced role of an incident handler.

• Experience with Network Security Monitoring, SIEM and/or response related activities
• Experience with host-centric detection & response skills, as well as process automation
• Detailed understanding of APT, Cyber Crime and other associated tactics
• Professional experience with Cyber Security, Operations Security
• Experience with host based detection and prevention suites (McAfee EPO, OSSEC, Yara, MIR, CarbonBlack, Tanium, etc.)
• Experience with host-centric tools for forensic collection and analysis (SleuthKit, Volatility Framework, FTK, Encase, etc.)
• Experience with Network Forensics and/or Network Security Monitoring (NSM) tools (Snort, Bro-IDS, PCAP, tcpdump, etc.) and analysis techniques (alert, flow/session and PCAP analysis)
• Experience with malware and reverse engineering (Dynamic and static analysis)
• Strong IT infrastructure background including familiarity with the following:
• Networking (TCP/IP, UDP, Routing)
• Applications (HTTP, SMTP, DNS, FTP, SSH, etc.)
• Encryption (DES, AES, RSA) and hashing algorithms (MD5, SHA-1, etc.)
• System/Application vulnerabilities and exploitation
• Operating systems (Windows, *Nix, and Mac)
• Cloud technology (SaaS, IaaS, PaaS) and associated digital forensics and incident response techniques

• CISSP, CISM or related SANs certifications preferred
• Working knowledge of secure communication methods, including Secure Shell, S/MIME and PGP/GPG

•  Lead technical projects of cloud based digital security, incident detection and response

•  Specialize in design and building automation utilizing native cloud services

•  Perform daily response operations with a schedule that may involve nontraditional working hours - act as escalation point and subject matter expert during AWS cloud incidents

•  Build, test and tune custom automation, aiding in the efficiency of our response capabilities

This role requires access to U.S. export-controlled information. If applicable, final offers will be contingent on ability to obtain authorization for access to U.S. export-controlled information from the U.S. Government.

Additional Information