EVM Technical Lead
Evendale, Ohio, United States
Job Description Summary Edison Works' Advanced Programs are a key growth area in GE Edison Works, GE Aviation and GE Aviation MSO portfolio with revenue growing 4x over the next 5 years. This cross functional organization partners across product management, engineering, ops, supply chain, DT and security to deliver that growth! Come join the DT team who is critical to success of the scale!
This position will work with technical analysts and security teams to ensure our environment is proactively remediating technical vulnerabilities utilizing various tools and processes. This role is responsible for engaging and leading the Vulnerability Management team and partnering with other technical teams to ensure our environments are compliant and secure.
Job Description
Essential Responsibilities:
Qualifications/Requirements:
Desired Characteristics:
This position will work with technical analysts and security teams to ensure our environment is proactively remediating technical vulnerabilities utilizing various tools and processes. This role is responsible for engaging and leading the Vulnerability Management team and partnering with other technical teams to ensure our environments are compliant and secure.
Job Description
Essential Responsibilities:
- Develop, document, and convey EVM operational requirements to enhance capabilities to identify, track, and remediate system and environment vulnerabilities for a real-time patch management capability
- Review, assess and provide remediation recommendations regarding discovered vulnerabilities and their potential impact to document for operational implementation
- Conduct research and evaluate all-source cyber intelligence to develop in-depth analysis & assessment on threats to vulnerabilities
- Review vulnerability assessments from IA teams, on a recurring and ad hoc basis as need arise using automated and manual capabilities
- Identify, analyze, and develop mitigation or remediation actions for system and network vulnerabilities to deliver and execute with operations team
- Work with IA to prioritize identified vulnerabilities based upon severity, potential operational impact, and other factors utilizing JSTIGs and other regulatory guidelines and requirements
- Compile daily, weekly and annual vulnerability metrics associated with affected and non-affected platforms and environments
- Perform data analysis to ensure completeness of vulnerability scan data across the Edisonworks environment by comparing asset inventory sources against vulnerability scan data using existing or desired platform tools
- Work with IA teams to ensure their vulnerability remediation processes are compliant with compliance requirements
- Present vulnerability management process to auditors/customers, supporting the IAt team for the information systems
- Operate exception management process and investigate/validate false positive detections from the vulnerability scanner
- Monitor, investigate, triage, contain, and mitigate cybersecurity alerts and incidents using approved security tools
- Perform threat and vulnerability management monitoring and provide remediation guidance
- Work with IA and IT to resolve incidents
- Develop strategic plans and processes utilizing automation and standardized tools to ensure compliance and security goals are met by working with Security Architects aligned with EVM.
Qualifications/Requirements:
- Bachelor's degree in computer science, Information Assurance, Information Security System Engineering, or related discipline from an accredited college or university is required. Four (4) additional years of experience may be substituted for a bachelor's degree
- Five (5) years of related post-secondary education and/or experience in Information Security or Information Technology
- Due to the nature of the work performed in our facilities, United States citizenship is required. We will not sponsor individuals for employment visas, now or in the future, for this job
- Active Unites States Department of Defense security clearance for access to classified information or the ability to apply for and receive/maintain clearance
Desired Characteristics:
- Humble: respectful, receptive, agile, eager to learn
- Leadership ability: strong communicator, decision-maker, collaborative
- Prior vulnerability management experience (patching and configuration) in an enterprise setting
- Prior use or familiarity with Ivanti or Shavlik patching software or similar
- Experience with Anti-Virus software - configuration, management and updates
- Experience and exposure to Change Management and ITIL processe
- Defining application hardware needs, system capabilities and documenting installation requirements of new vendor or GE proprietary engineering systems
- Create Standard Operating Procedures to define process and easier replication of non-automated systems or redundant tasking
- Installing and operating Security Technical Implementation Guides (STIG) and Security Content Automation Protocol (SCAP) software
- Staying up to date on current STIG and SCAP benchmarks to maintain compliant system delivery
- Researchin
- Pay
- N/A
- Hours
- Full time
- Type
- Contract
- Rating
- N/A
- Licence
- N/A
Posted 19 Mar 2021
Closes 18 Apr 2021
Ref: R3556329
This job was posted to: Project manager
