Business Segment: Digital Predix Products & Technology
Location(s): United States; California; San Ramon
GE is the world's Digital Industrial Company, transforming industry with software-defined machines and solutions that are connected, responsive and predictive. Through our people, leadership development, services, technology and scale, GE delivers better outcomes for global customers by speaking the language of industry. GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.
We are seeking a strong candidate with deep cloud experience to join our Cyber Security team and help with regulatory compliance and data security governance. The regulatory compliance analyst will engage in all phases of implementing and mapping controls, managing the respective processes, and coordinating with various external auditors for our cloud infrastructure, platform and application environment.
You are experienced in compliance assessment in major cloud service provider environments like Azure, AWS etc. You will bring the organization’s information security compliance under explicit management control.
In this role, you will:
Perform cloud compliance assessments and data security governance reviews for cloud service providers (e.g. Azure, AWS) utilizing established IT risk assessment framework and assessment programs.
Understanding of and hands-on experience in developing one or more industry compliance frameworks and/or compliance regulations (ISO27001/2, PCI-DSS, HIPAA, FedRAMP, SSAE16, SOC 1, SOC 2, International Privacy Requirements including EU Privacy and Safe Harbor).
Assist the team in the execution of compliance programs around HIPAA, PCI, ISO27001, SOC 1/2/3, and FedRAMP.
Provide practical recommendations to remediate control gaps based on risks.
Prepare and present assessment findings to cross-functional teams such as product, engineering, security, sourcing, legal, and compliance.
Establish an operating rhythm to report out on key metrics including status of assessments and issue management.
Stay current and utilize industry standards and best practices to drive improvements in overall security posture of the cloud service providers (e.g. Azure, AWS).
BS degree or higher in MIS, Computer Engineering or in a STEM major (Science, Technology, Engineering or Math) or equivalent experience.
A minimum of 4 years of experience in information security management and/or related functions (such as Compliance, IT audit, IT Risk Management, Vulnerability Management and Incident Management).
Eligibility Requirements: (Country Specific)
Legal authorization to work in the U.S. is required. GE may agree to sponsor an individual for an employment visa now or in the future if there is a shortage of individuals with particular skills.
Any offer of employment is conditioned upon the successful completion of a background investigation and drug screen.
Must be willing to travel 15%.
Must be willing to work out of an office located in San Ramon, CA.
A high-energy, results-oriented person.
Experience communicating with geographically distributed teams.
Foster a collaborative and cooperative team environment, encouraging input and participation from all members.
Expert understanding of incident handling processes.
Security consulting or equivalent experience.
Experience in large enterprise environments.
Strong communication and interpersonal skills.
Experience with the application of risk identification techniques.
Hands-on experience building compliance frameworks (e.g. ISO, SOC, FedRAMP, HIPAA) is preferred.
Excellent written and verbal communication skills.
Ability to influence others effectively across a matrixed organization.
Experience with a broad set of information security technologies and processes within a SaaS, IaaS, PaaS, or cloud environment.
Strong oral communication, business writing, presentation and facilitation skills.
Internationally recognized information security/IT Audit certification/qualifications such as CISSP, CISA, GSNA, GSAE, or CCNA.
Detailed understanding of industry-accepted Information Security and IT governance standards (e.g. COBIT, ISO, NIST).
Awareness of or experience with industry regulations (e.g. HIPAA, DFARS, Export control, PCI).