Summary

GE CIRT is looking for a talented engineer to join our dynamic space. The Staff Cyber Security Engineer role is responsible for creating and engineering automation pipelines, interfacing with GE-CIRT's Incident Response Operations Team, leading meetings, and participating in the planning of future projects. The engineer has a background in incident response, threat intelligence, or equivalent applicable fields as a foundation to support the execution of these tasks.

Roles and Responsibilities

• Provide high-quality, cost-effective engineering within GE-CIRT's Security, Orchestration, Automation, and Response (SOAR) platform to streamline and expedite incident response workflows.
• Lead meetings with GE-CIRT's Incident Response Operations team to identify and prioritize potential projects based on impact, feasibility, and urgency.
• Builds automation around operations & software development processes (CI/CD)
• Applies knowledge of cybersecurity and incident response operations to ensure automation outcomes remain relevant to the operations stakeholders.
• Promotes best practices, design patterns, standards through workshops, knowledge sharing, and code walk-throughs
• Provides mentorship, advice, and skill enhancement to junior team members.
• Participates in on-call after-hours support rotation to ensure that critical performance issues are resolved in a timely manner, in accordance with established customer expectations and SLAs.

Minimum Qualifications      

• A Bachelor's Degree in Computer Science or “STEM” Majors (Science, Technology, Engineering and Math) 6+ years of relevant IT experience OR a H.S. Diploma and 10+ years of relevant IT experience.
• U.S. work authorization is required, we will not sponsor work visa's for this role now or in the future.

Desired Characteristics / Technical Expertise:

• Experience with object oriented and scripting programming languages (e.g. Python, C++, JavaScript, Java)
• Experience interacting with APIs to develop applications
• Knowledge of CI/CD and automation tools (e.g. Git, Jenkins)
• Experience working in a CIRT or Cyber Fusion Center environment
• Excellent verbal and written communication skills
• Excellent organizational and analytical skills, including experience using at least one development/release framework (e.g. Agile, Waterfall)
• Detailed understanding of CND-based analytical models (Kill Chain, ATT&CK, Pyramid of Pain, etc.)
• Detailed understanding of APT, Cyber Crime and other associated tactics
• Practical experience in host forensics and network analysis techniques and tools
• Detail oriented with the ability to multi-task and prioritize efforts
• Ability to collaborate in a team environment
• Foundational cyber security knowledge in at least two areas (e.g. architecture, digital forensics, incident response, threat intelligence)