Staff Cyber Security Engineer – Foundation

Job Description Summary

The Senior Cyber Security Engineer will be expected to leverage open-source technology and industry standard programming languages to enhance cyber security operations. Success in this role will require delivery of engineering, software development, and build-automation projects in an agile environment.

This role will also be a driving force behind the adoption of new detection technologies based on behavioral analytics and machine learning. This position is responsible for leading the development of enterprise platforms that enable the monitoring, automation, and orchestration of GE’s network security platforms, including both physical and virtual IDS, and big-data analytics.

Job Description

Role Summary/Purpose

The Staff Cyber Security Engineer is a hands-on role requiring knowledge of software development, technology, cyber security and data protection. The engineer will be part of a development team focused on building security components that will be part of a common foundational layer used by other products within the company.

Essential Responsibilities

In this role, you will:

  • Write high quality code!
  • Be open to learn new technologies and techniques
  • Drive best software engineering practices and sound design principles by example
  • Mentor more junior team members via training sessions and meaningful code reviews
  • Maintain high quality documentation on security components
  • Design and implement APIs for security microservices
  • Support the creation of reliable automated end-to-end security tests
  • Collaborate with the cyber security product manager to validate business requirements and obtain feedback on implemented functionality
  • Develop security artifacts necessary to deliver software products according to the secure development lifecycle and GDPR requirements
  • Decompose epics and business workflows into user stories ready to be developed in an agile fashion
  • Participate in discussions around secure models for CI/CD
  • Support other teams as they use the foundational security components

Required Qualifications

  • Working knowledge of Threat Modelling, OWASP Top Ten vulnerabilities and compensating controls (CSRF, XSS, SQLI, etc.)
  • Professional experience using OAuth2/OpenID Connect
  • Working experience in one or more programming languages such as Java, C#, C++, Go, Python, etc..

Desired Characteristics

  • Understanding of the criticality of some of the software used within the energy sector
  • Familiarity with Oauth2, SAML and Kerberos protocols
  • Experience with LUA programming
  • Working knowledge of a service mesh (Istio or Linkerd, for example)
  • Familiarity with data encryption fundamentals: PKI/Certificate Management, Encryption, Digital Signatures & Key Management
  • Familiarity with SAML and Kerberos protocols
  • Working knowledge of Agile development as well as source control tools such as CVS/SVN /Git , with preference for Git
  • Working knowledge of security architecture design patterns
  • Knowledge of GDPR and “privacy by design” principles

Education Qualification

  • Bachelor’s Degree in Computer Science or “STEM” Majors (Science, Technology, Engineering and Math), or will possess comparative experience
  • Minimum of 6 years of experience

GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.

GE will only employ those who are legally authorized to work in the United States for this opening. Any offer of employment is conditioned upon the successful completion of a drug screen (as applicable).

Relocation Assistance Provided: Yes

More Information

Apply for this job

Leave your thoughts

Share this job