GE Careers

Sr Incident Responder

  • GE Aviation
  • Experienced
  • Posted 7/20/2017 11:50:02 AM
  • 2918759
  • Job Function: Digital Technology
  • Business Segment: Aviation Digital
Location(s): United Kingdom; Cheltenham


About Us:
GE is the world's Digital Industrial Company, transforming industry with software-defined machines and solutions that are connected, responsive and predictive. Through our people, leadership development, services, technology and scale, GE delivers better outcomes for global customers by speaking the language of industry.

At GE Aviation, we are imagination at work. Whether we’re manufacturing components for our GEnx engines or driving innovation in fuel and noise reduction, the GE Aviation teams are dedicated to turning imaginative ideas into advances in aviation that solve some of the world’s toughest problems. Join us and you’ll find yourself in a dynamic environment where our ongoing, substantial investment in research and development keeps us moving forward and looking ahead. At GE, developing people is embedded in our culture and integral to our growth. Here you’ll work collaboratively and across functions with the highest caliber talent, utilizing cutting-edge technology and processes. Whether it’s the next generation of ecomagination products or the future of aircraft engines, we’ve got the state-of-the-art resources to make those innovations a reality. If you’re passionate about aviation and looking for a career rich with challenges and unlimited opportunities for growth and advancement, then join GE in reengineering the sky through aviation innovations that will impact the globe for generations to come.

GE is diversity. We aim to employ the world’s brightest minds to help us create an unlimited source of ideas and opportunities. We believe in hiring talented people of varied backgrounds, experiences and styles - people like you!

Role Summary:
The Senior Incident Responder will be part of a dynamic, growing team, planning, preparing, hunting for, and responding to cyber incidents stemming from internal and external threat actors. Demonstration of leadership abilities in a large corporate environment as well as a strong comprehension of malware, emerging threats and calculating risk will be critical to success. Finally, this role requires the ability to work with minimal direction from Incident Response and company leadership.

Essential Responsibilities:

• Considerable knowledge and demonstrable experience of Universal Forwarders, rsyslog and deployment server, and proficiency in Splunk Processing Language (SPL).
• Understanding of developing dashboards and alerts in Splunk and able to write correlation rules for Splunk ES. Splunk system administration and management are key elements to this role.
• Responsible for configuring and administering security tools, analyzing and responding to various forms of security alerts to provide threat mitigation.
• Lead technical aspects of digital security incident detection and response, focusing on very unstructured incidents and high-risk events.
• Perform daily response operations with a schedule that may involve non-traditional working hours; act as an escalation point for Information Security Incident Analysts
• Write signatures, tune systems/tools, and develop scripts and correlation rules
• The best candidates for the role will work well with other people and have strong verbal and written communication skills, a sense of diplomacy, and decision making skills to handle the often fast-paced role of an incident handler
• Engage in the day-to-day operational support of logging, auditing and alerting security systems
• Maintain and update software and hardware upgrades
• Create, modify, and review technical documentation (SOPs, support flows)
• Connect with support teams and client/business partners during incident resolution and root cause analysis/corrective action restoration processes
• Implement identified infrastructure changes/operational processes related to S&C
• Leverage expertise to provide feasibility analysis, and implementation recommendations for operational service level improvements



Qualifications/Requirements:

• Bachelor’s or Master’s degree in Computer Science or a related technical degree with substantial experience in digital technology or equivalent knowledge and experience
• Demonstrable experience detecting and responding to cyber intrusions in an Operations Technology environment
• Splunk, SANS 503 / 504 certification(s)
• Experience with Microsoft, Unix and Mac OS environments.

UK Security Clearance (SC) is required and must be maintained for this role.
Candidates who do not meet the minimum requirements for UK Security Clearance are not eligible for this role on grounds of national security. If UK Security Clearance is not obtained, any offer of employment may be withdrawn on grounds of national security.

We always welcome part-time or job share applications.


Applications from job seekers who require sponsorship to work in the UK are welcome and will be considered alongside all other applications. However, non-EU/EEA candidates may not be appointed to a post if a suitably qualified, experienced and skilled EU/EEA candidate is available to take up the post, as the employing body is unlikely, in these circumstances, to satisfy the Resident Labour Market Test. For further information please visit the UK Border Agency website

http://www.ukba.homeoffice.gov.uk/visas-immigration/working

Baseline Personnel Security Standard (BPSS) clearance is required and must be maintained for this role. Please note that in the event that BPSS clearance cannot be obtained, you may not be eligible for the role and/or any offer of employment may be withdrawn on grounds of national security. Please see the link below for further details regarding the requirements for BPSS clearance

https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/61212/hmg-personnel-security-controls.pdf



Desired Characteristics:

• Strong verbal and written communication skills
• Detailed understanding of APT, Cyber Crime and other associated tactics
• Strong track record of understanding and interest in recognized IT and OT security-related standards and technologies, demonstrated through training, job experience and/or industry
• Knowledge of and/or working on GE OT products (Internal candidates only)
• Professional experience with Cyber Security, Operations Security, Product Security, Industrial Control Systems (ICS), Information Assurance, and Information Technology
• Strong IT infrastructure background including familiarity with the following:
    • Networking (TCP/IP, UDP, Routing)
    • Applications (HTTP, SMTP, DNS, FTP, SSH, etc.)
    • Encryption (DES, AES, RSA) and hashing algorithms (MD5, SHA-1, etc.)
    • System/Application vulnerabilities and exploitation
    • Operating systems (Windows, *Nix, and Mac)
• CISSP, CISM or related SANS certifications preferred
• Working knowledge of secure communication methods, including Secure Shell, S/MIME and PGP/GPG



Locations: United Kingdom; Cheltenham

GE offers a great work environment, professional development, challenging careers, and competitive compensation.  GE is an Equal Opportunity Employer.  Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.