Information Security Assessor

GE (NYSE: GE) is the world’s Digital Industrial Company, transforming industry with software-defined machines and solutions that are connected, responsive and predictive. GE is organized around a global exchange of knowledge, the "GE Store,"? through which each business shares and accesses the same technology, markets, structure and intellect. Each invention further fuels innovation and application across our industrial sectors.

Performs security assessments and information security audits of Third Parties utilizing established IT risk assessment framework and assessment programs. Conducts IT risk assessments to identify appropriate oversight tier and relevant IT controls. Develops and executes assessment approach based on risk assessments. Prepares assessment reports detailing assessor’s review of the information security controls and any control gaps. Engages business to re-mediate issues.

* Perform 3rd Party information security assessments utilizing established IT risk assessment framework and assessment programs * Provide practical recommendations to remediate control gaps * Prepare present assessment findings to a cross-functional audience * Engage business units and Third Parties to remediate control gaps * Communicate common information security themes and control gaps identified across the entire Third Party inventory and lifecycle * Coordinate across functions such as security, sourcing, legal, and compliance * Establish operating rhythm with Business Units to report out on key metrics including status of assessments and issue management * Stay current and utilize industry standards and best practices to drive improvements in overall Third Party security posture

* Bachelor's Degree in Information Technology, Computer Science, Information Assurance, or related field * Minimum 2 years of professional experience in Cyber Security, Information Assurance, Information Security, or IT Audit * Must be willing to travel up to 25% Additional Eligibility Qualifications GE will only employ those who are legally authorized to work in the United States for this opening. Any offer of employment is conditioned upon the successful completion of a background investigation and drug screen. Desired Characteristics * Internationally recognized information security/IT Audit certification/qualifications such as CISSP, CISA, GSNA, GSAE, or CCNA * Experience performing IT Audits or Security Assessments of 3rd Party Suppliers in a regulated environment (i.e. Financial Services, Critical Infrastructure) * Detailed understanding of industry accepted Information Security and IT governance standards (i.e. COBIT, ISO, NIST) * Awareness or experience with industry regulations (i.e. HIPAA, DFARS, Export control, PCI) Proven ability to execute across multiple locations and stakeholder groups * Ability to work cross functionally * Ability to influence others effectively across a matrixed organization * Excellent analytical / technical skills * Strong oral communication, business writing, presentation and facilitation skills * Experience managing projects across a complex organization and IT landscape