Job Description Summary
The Sr Staff Cyber Security Researcher will leverage deep technology, process, and domain expertise to protect GE Aerospace from new and emerging cybersecurity threats through threat hunting, detection engineering, signature deployment, and attack emulation. The role will be responsible for leading the Cyber Intel & Active Defense threat hunting program including defining and coordinating the people, process, and technologies required to deliver a mature and advanced capability. The role will work with other cybersecurity analysts to identify threat actor TTPs, track threat reports in a threat intelligence platform, and develop, test, and deploy detection signatures utilizing telemetry from security sensors and agents.
Job Description
Roles and Responsibilities:
In this role, you will:
- Partner with GE Aerospace cyber intel analysts and incident responders to define new and emerging threats and write and deploy detection signatures to identify and alert on potentially suspicious or malicious behavior
- Lead and coordinate the threat hunting program, including identifying new use cases and hypotheses to test, prioritizing the backlog, and directing threat hunting activity leading to potential identification of new incidents, improved detection signatures, or enhanced controls
- Use existing processes and standard work to develop, test, and tune new detection signatures that protect against emerging threats
- Incorporate automated testing, validation, and documentation of signatures using simulated threat activity in a controlled sandbox environment
- Enable analysts to conduct adversary simulation to determine if flaws and exposures can be exploited by unfriendly forces
- Research, develop, implement, test and document tools, techniques and tactics used by adversaries to compromise and maintain control of information assets
Education Qualification:
- Bachelor’s degree from an accredited university or college with a minimum of 6 years of professional experience OR Associate’s degree with a minimum of 9 years of professional experience OR High School Diploma with a minimum of 11 years of professional experience
- Minimum 5 years of professional experience in Cyber Security or IT
- Note: Military experience is equivalent to professional experience
Eligibility Requirement:
- Legal authorization to work in the U.S. is required. We will not sponsor individuals for employment visas, now or in the future, for this job.
Desired Characteristics:
- Experience with using a threat intelligence platform to collect, process, prioritize, and organize threat intel data from multiple sources
- Experience with researching and characterizing adversary behavioral tactics, techniques, & procedures (TTPs), including familiarity with the MITRE ATT&CK framework
- Experience with continuous monitoring, conducting adversary threat simulation, or a purple team approach to assess and validate that detection signatures are effectively tested, tuned, and deployed across the enterprise environment using AttackIQ, Scythe, or similar tools
- Experience with log aggregation and log-centric analysis using Splunk, Sentinel, or other SIEM platforms
- Extreme resourcefulness with willingness to learn and teach how to characterize adversary tools and techniques, assess and test Company resources, and improve Company defenses
- Demonstrated ability to design and develop playbook automation using SOAR platforms, PowerShell, Python, or Azure Logic Apps
- Excellent communication skills including both verbal and written
- Strong track record of understanding and interest in current and emerging technologies demonstrated through training, job experience and / or industry activities
- Strong team player - collaborates well with others to solve problems and actively incorporates input from various sources
- Demonstrated customer focus - evaluates decisions through the eyes of the customer and can build strong customer relationships
- Change oriented - suggests and implements process improvements; supports and drives change, and confronts difficult circumstances in creative ways
Additional Information
GE Aerospace offers a great work environment, professional development, challenging careers, and competitive compensation. GE Aerospace is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.
GE Aerospace will only employ those who are legally authorized to work in the United States for this opening. Any offer of employment is conditioned upon the successful completion of a drug screen (as applicable).
Relocation Assistance Provided: No
This is a remote position