Principal Analyst - Incident Mgmt, Detection Ops

General Electric

(San Ramon, California)
Full Time
Job Posting Details
About General Electric
GE (NYSE: GE) is the world's Digital Industrial Company, transforming industry with software-defined machines and solutions that are connected, responsive and predictive. GE is organized around a global exchange of knowledge, the "GE Store," through which each business shares and accesses the same technology, markets, structure and intellect. Each invention further fuels innovation and application across our industrial sectors.
Summary
We are looking for a principal analyst to join our dynamic team, driving efforts within the GE Digital Cyber Incident Management to protect the Predix Platform from cyber security threats facing the organization. This role includes the design, development and implementation of strategic direction for cohesive, innovative threat detection capabilities across the global industrial cloud infrastructure. You will work alongside several Predix teams driving this effort.
Responsibilities
* Leverage extensive experience in threat detection, penetration testing, forensics & response
* Identify opportunities to optimize and consolidate platforms, process & technical design
* Utilize tools in place to design efficient, sustainable detection approaches
* Build a sustainable and agile incident detection and response process with automation as a key element
* Key focus areas involve known/anomalous threats, operations and insider behaviors
* Specialize in network- and host-centric analysis (Network Security Monitoring, Live Response, Malware Examination, Reverse Engineering, SIEM, HIPS, HIDS)
* Collaborate on and lead knowledge-sharing initiatives with partner organizations in the public, private and DFIR-focused spaces
* Lead large-scale individual and matrixed initiatives as directed by management
* Mentor team members in technical/functional areas
* As requested, develop and deliver metrics and program updates to leadership
Ideal Candidate
* Bachelor's Degree in Computer Engineering or in a STEM major (Science, Technology, Engineering, or Math) and/or a minimum of 4 years of equivalent experience
* Excellent communication skills with the ability to drive technical change and constructively influence peers and leadership
* Previous hands-on experience in the information and cyber security field
* Specific focus on Digital Forensics & Investigative Response (DFIR), cyber security, threat detection, penetration testing (red/blue) and vulnerability management
* Demonstrated leadership abilities as well as a strong comprehension of emerging threats
* Deep capabilities in offensive/defensive technologies and agile risk assessment will be critical to success
* 7 years of operational IT experience
* 5+ years' experience with Network Security Monitoring, SIEM and/or other log aggregation and correlation tools
* 4+ years' experience with host-centric detection & response skills, as well as process automation
* Experience in Network Security Monitoring practices, with direct hands-on experience with one or more NSM-related technologies: Security Onion, Snort, Bro, Sguil, Snorby, or similar
* Experience with host-based detection and IR technologies such as McAfee ePO, OSSEC, YARA, MIR, Carbon Black, Tanium, HBGary ActiveDefense or similar
* Experience with Python and object-oriented software development practices in Python
* Must be willing to work off-shift hours, as needed during incidents
