The Sr Cyber Security Researcher (Red Team operator) is responsible for delivering controlled threat simulation services against company assets and partnering with business security teams to drive change. This includes threat research, structured attack development, vulnerability research and exploit development / testing, scripting, controlled exploitation of configuration weaknesses and software vulnerabilities, evasion of detection mechanisms and more.
· Partner with business IT security teams to drive improvement in IT security as a result of Cyber Security Research engagements
· Executing engagements; defining scope, coordinating attacks, executing tests and reporting findings, following an established methodology in accordance with defined processes
· Conduct adversary simulation to determine if flaws and exposures can be exploited by unfriendly forces
· Research, develop, implement, test and document tools, techniques and tactics used by adversaries to compromise and maintain control of information assets
· Coordinate with other teams in IT Risk in development of threat agent profiles
· Participate in cross-team Task Forces to drive impact of Cyber Security Research findings as appropriate
· Bachelor's Degree in Computer Science or a related technical degree (OR Minimum 6 years of professional IT experience)
· Minimum 2 years of experience in scripting
· Minimum 2 years of deep, hands-on, technical security experience with at least one of: Wired Network technologies (CISCO routers / switches, Checkpoint), Wireless (WLAN, WIMAX, RFID), Enterprise Storage Systems, UNIX / Linux, Windows / AD, iSeries / zSeries, ORACLE, Web applications and Services, Cryptography, Social Engineering and Open Source Intelligence Gathering (OSINT), Mobile platforms, Software Security (Source Code Auditing and Binary Reversing)
· Minimum 1 year of experience developing exploit code or novel attacks
· Must be legally authorized to work in the US. GE will not agree to sponsor individuals' employment visas, now or in the future, for this role.
· Must be willing to work out of an office in Glen Allen, VA
· Experience conducting penetration testing engagements
· Experience with the command line in Windows and / or Linux
· Ability to rapidly find, assimilate and synthesize information in pursuit of attacks
· Extreme resourcefulness with willingness to learn and teach how to characterize adversary tools and techniques, assess and test Company resources, and improve Company defenses
· Demonstrated ability to compromise complex IT systems / applications in enterprise environments
· Experience conducting threat simulation or penetration testing engagements in an enterprise environment
· Proven vulnerability analysis skills
· Excellent communication skills including both verbal and written
· Hardware / electronics experience
· Strong track record of understanding and interest in current and emerging technologies demonstrated through training, job experience and / or industry activities
· Strong team player - collaborates well with others to solve problems and actively incorporates input from various sources
· Demonstrated customer focus - evaluates decisions through the eyes of the customer and can build strong customer relationships
· Change oriented - suggests and implements process improvements; supports and drives change, and confronts difficult circumstances in creative ways
· Ability to read / write foreign languages
GE (NYSE:GE) drives the world forward by tackling its biggest challenges. By combining world-class engineering with software and analytics, GE helps the world work more efficiently, reliably, and safely. GE people are global, diverse and dedicated, operating with the highest integrity and passion to fulfill GE’s mission and deliver for our customers. www.ge.com
GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is anEqual Opportunity Employer . Employment decisions are made without regard to race, color, religion, national or ethnic origin, gender (including pregnancy), sexual orientation, gender identity or expression, age, disability, veteran status or any other characteristics protected by law.
Additional Eligibility Qualifications
GE will only employ those who are legally authorized to work in the United States for this opening. Any offer of employment is conditioned upon the successful completion of a drug screen (as applicable).