Role Summary:
The Staff Incident Responder will be part of a dynamic, growing team, planning, preparing, hunting for, and responding to cyber incidents stemming from internal and external threat actors. Demonstration of leadership abilities in a large corporate environment as well as a strong comprehension of malware, emerging threats and calculating risk will be critical to success. Finally, this role requires the ability to work with minimal direction from Incident Response and company leadership.
Essential Responsibilities:
Lead incident handling and recovery from cyber security events, such as malware, phishing, business-email-compromise, security researcher notifications, etc.
Perform daily response operations on a rotating weekly schedule that may involve nontraditional working hours, especially during significant incidents
Quickly research solutions to incidents to provide steps for containment and partial or full recovery
Effectively communicate the nature of, the severity of and the steps needed to recover from an incident
Document your involvement in incidents in a clear, consistent method suitable for use in both knowledge management and incident notification briefs read by varied audiences (from technical to senior leadership)
Contribute to and lead various improvement activities, such as onboarding new environments, onboarding new event sources, ensuring detection tool set coverage, building knowledge management systems, etc.
Contribute to developing and maintaining KPIs, KRIs, SLAs, and other critical incident-response metrics
The best candidates for the role work well with other people and have strong verbal and written communication skills, a sense of diplomacy, good decision-making skills, and self-awareness to escalate appropriately
Qualifications/Requirements:
4-year degree in Computer Science or a related technical degree, or a minimum of 5 years of IT experience
1+ years of experience detecting and responding to cyber intrusions in an Operations Technology environment
Desired Characteristics:
The best candidates for the role work well with other people and have strong verbal and written communication skills, a sense of diplomacy, and decision-making skills to handle the often fast-paced role of an incident handler
Strong verbal and written communication skills
Working understanding of APT, Cyber Crime and other associated threat groups and their tactics
Strong hands-on experience with Splunk including building and maintaining optimal Splunk environments
Practical hands-on experience monitoring and responding to events in cloud-based environments such as Microsoft Azure and Amazon Web Services
Practical hands-on experience implementing monitoring solutions based on cloud-based security solutions such as Azure Security Center and AWS CloudTrail, CloudWatch and GuardDuty
Practical hands-on experience with endpoint detection & response toolsets such as Defender, McAfee, CrowdStrike Falcon, or Tanium
Practical hands-on experience analyzing artifacts produced from digital forensics and incident response technologies
Practical hands-on experience utilizing and implementing incident response platforms such as Resilient, TheHive, or RTIR
CISSP, OSCP or related SANS certifications preferred
About Us:
GE (NYSE:GE) drives the world forward by tackling its biggest challenges. By combining world-class engineering with software and analytics, GE helps the world work more efficiently, reliably, and safely. GE people are global, diverse and dedicated, operating with the highest integrity and passion to fulfill GE's mission and deliver for our customers.