Senior Cyber Security Engineer (Remote Eligible, U.S.)

GE Vernova
Remote
Match Resume

About The Position

GE Vernova is seeking a highly skilled and experienced Senior Cyber Security Engineer to join the Product Security team, focusing on the Wind portfolio of products. This role is responsible for leading key cyber security programs and initiatives that protect wind products across their lifecycle — including driving vulnerability remediation efforts, developing and implementing cyber security solutions, and performing root cause analysis on cyber-related issues. The engineer will work hands-on with product and engineering teams to identify, analyze, and resolve security weaknesses while advancing the overall security posture of GE Vernova's Wind portfolio. This position reports to Wind's Product Security Leader, who oversees Wind's Product Security Team. The Product Security Team drives a product cyber security strategy aimed at meeting applicable standards and regulations while leading the industry towards more fundamentally secure wind farms. Essential Responsibilities include: Lead key product cyber security programs from inception through completion, ensuring alignment with key stakeholders, business priorities, regulatory requirements, and product roadmaps. Assess current product security posture against applicable regulatory requirements, identify gaps, and develop structured remediation plans and roadmaps. Lead the effort to achieve and/or maintain standards-based certification for the product security program and/or specific Wind products. Manage audit preparation activities, including coordination with internal auditors and third-party certification bodies, evidence collection, and providing responses to findings. Support and/or drive the development, maintenance, and usage of internal tools for product security, such as the product asset inventory, vulnerability management automation. Design, develop, and support OT/ICS cybersecurity solutions for wind farm, such as SIEM detection rules, endpoint protection (EDR/AV/application whitelisting), and network segmentation, based on customer requests, regulatory requirements, and commercial strategy. Design, develop, and implement cyber security solutions and controls, collaborating with cross functional teams, that address identified risks, vulnerabilities, and gaps across Wind’s products, systems, and processes. Lead root cause analysis efforts for security vulnerabilities and non-conformities, delivering findings and actionable recommendations. Support incident response activities related to product security vulnerabilities.

Requirements

  • Bachelor’s Degree from an accredited university in Engineering, Computer Science, Cybersecurity, Information Technology, or related field. Alternative acceptable experience will be considered on a case-by-case basis.
  • Minimum 8 years of experience in cybersecurity with at least 5 years focused on industrial control systems (ICS), operational technology (OT), or product security.
  • Minimum 4 years of experience with product security regulations and standards, such as IEC 62443 series of standards or equivalent, especially implementation of said regulations/standards.

Nice To Haves

  • Experience driving preparation of a security program for cyber security audits, certifications, and/or assessment, especially those related to a product regulation.
  • Demonstrated knowledge and understanding cybersecurity tools/solutions (e.g., Firewalls, antivirus, security incident and event management systems, intrusion detection systems, intrusion prevention systems), including experience providing installation/configuration recommendations.
  • Master's degree in a relevant field.
  • Cyber security certification (ex. GICSP, CEH, CCNA, CISSP).
  • Demonstrable in-depth knowledge of how to interpret and implement product cybersecurity regulatory requirements in a product security program through policies, standards, and procedures.
  • Strong understanding of operational technologies (e.g., PLCs) and protocols (e.g., Modbus, Profinet, DNP3, OPC [DA, AE, UA], IEC 61850) used in manufacturing, power generation, wind farms, SCADA systems, and other industrial environments or industrial products.
  • Experience using cyber security tools (e.g., Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), Cloud-Native Application Protection Platform (CNAPP), Artificial Intelligence (AI), or other weakness / vulnerability scanning tools) to identify and track cyber security vulnerabilities.
  • Experience with cloud security principles and practices.
  • Ability to work independently and collaboratively as necessary with a cross-functional team.
  • Strong oral and written communication skills.
  • Demonstrated ability to analyze and resolve problems.
  • Experience responding to product cyber security vulnerabilities.

Responsibilities

  • Lead key product cyber security programs from inception through completion, ensuring alignment with key stakeholders, business priorities, regulatory requirements, and product roadmaps.
  • Assess current product security posture against applicable regulatory requirements, identify gaps, and develop structured remediation plans and roadmaps.
  • Lead the effort to achieve and/or maintain standards-based certification for the product security program and/or specific Wind products.
  • Manage audit preparation activities, including coordination with internal auditors and third-party certification bodies, evidence collection, and providing responses to findings.
  • Support and/or drive the development, maintenance, and usage of internal tools for product security, such as the product asset inventory, vulnerability management automation.
  • Design, develop, and support OT/ICS cybersecurity solutions for wind farm, such as SIEM detection rules, endpoint protection (EDR/AV/application whitelisting), and network segmentation, based on customer requests, regulatory requirements, and commercial strategy.
  • Design, develop, and implement cyber security solutions and controls, collaborating with cross functional teams, that address identified risks, vulnerabilities, and gaps across Wind’s products, systems, and processes.
  • Lead root cause analysis efforts for security vulnerabilities and non-conformities, delivering findings and actionable recommendations.
  • Support incident response activities related to product security vulnerabilities.

Benefits

  • Medical, dental, vision, and prescription drug coverage
  • Access to Health Coach from GE Vernova, a 24/7 nurse-based resource
  • Access to the Employee Assistance Program, providing 24/7 confidential assessment, counseling and referral services
  • GE Vernova Retirement Savings Plan, a tax-advantaged 401(k) savings opportunity with company matching contributions and company retirement contributions
  • Access to Fidelity resources and financial planning consultants
  • Tuition assistance
  • Adoption assistance
  • Paid parental leave
  • Disability benefits
  • Life insurance
  • 12 paid holidays
  • Permissive time off

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Job Type

Full-time

Career Level

Senior

Job Search Resources

Similar Senior Cyber Security Engineer (Remote Eligible, U.S.) job opportunities

Senior Cyber Security Engineer
Evolver Federal
Evolver Federal7d
Senior Cyber Security Engineer
AST SpaceMobile
AST SpaceMobile • Lanham, MD6d
Pre-Sales Solution Engineer
Qualcomm
Qualcomm • San Diego, CA11d • Remote
Cyber Security Engineer
Leidos
Leidos • Tampa, FL13d
Cyber Security Engineer
LLNL
LLNL • Livermore, CA7d • $146,340 - $222,564 • Hybrid
Cyber Security Engineer
Viasat, Inc.
Viasat, Inc.12d
Explore More Jobs

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service