$100K - $150K (Ladders Estimates)
We are looking for a Sr Staff Incident Responder to join our dynamic team, driving efforts within the GE Digital Cyber Threat Management organization to protect the GE enterprise from cyber security threats. This role will assist in designing, engineering, developing and implementing an identity-focused detection strategy to monitor authentication and identity across the enterprise and cloud environments. You will work alongside several GE-CIRT teams and other GE teams in driving this effort.
You are an Information and Cyber Security Incident Responder driven to create and implement enterprise-class, product-driven detection strategies, with a focus on identifying and driving the future-state direction of the Content Development program at global scale. Your role includes the design & development of detection capabilities (Content Development) and increased effectiveness, with an emphasis on building well-integrated capabilities that span business environments and platforms (development, operations, cloud, mobile, etc.). Your goal is to work through security incidents and independent research to find new ways to surface current and potential weaknesses in the Identity detection space. Demonstration of leadership abilities as well as a strong comprehension of emerging threats, defensive technologies and agile response methodologies is critical.
In this role, you will:
• Strive to mature the identity threat detection program.
• Work with Program and Product Management to influence the Identity Management Services roadmap to enable threat detection.
• Identify opportunities to optimize and consolidate detection methodologies and approaches on a global scale
• Leverage extensive experience in threat detection, penetration testing, forensics & response
• Build a sustainable and agile incident detection and response process with automation as a key element
• Collaborate and lead knowledge sharing initiatives with partner organizations in the public, private and DFIR-focused spaces
• Lead large scale individual and matrixed initiatives as directed by management
• Mentor team members in technical/functional areas.
Bachelor's Degree in Computer Science or a related technical degree OR equivalent work experience
Minimum 8 years professional work experience
Minimum 4 years of experience with Identity & Access Management technologies
Must be legally authorized to work in the US. GE will not agree to sponsor individuals' employment visas, now or in the future, for this role.
Must be willing to work out of an office located in Glen Allen, VA, Van Buren Township, MI, Miami, FL, or Atlanta, GA
• Detailed understanding of authentication protocols such as SAML, OAuth, OpenID, RADIUS, Kerberos, etc.
• Detailed understanding of identity management platforms such as AWS IAM, Active Directory, SailPoint, etc.
• Expertise in working with large data sets to develop detection analytics and behaviors
• Detailed understanding of APT, Cyber Crime and other associated cyber threat tactics
• Hands-on scripting / programming experience (Python, Perl, C, etc.)
• Experience in Network Security Monitoring practices, with direct hands-on experience with one or more NSM-related technologies: Security Onion, Snort, Bro, Sguil, Snorby, Suricata, or similar
• Experience with host-based detection and IR technologies such as Falcon Host, McAfee ePO, OSSEC, Yara, MIR, Carbon Black, Tanium or similar
• CISSP, OSCP or related SANS certifications preferred
• Experience with malware and reverse engineering
• Experience with host-centric detection and response skills
• Working knowledge of secure communication methods, including Secure Shell, SILC, and PGP/GPG
• Strong oral and written communication skills
• Experience working with organizations with SaaS business models is a plus
• Experience with Agile Management
Valid Through: 2019-10-17