Jan 082019

**Role Summary:**

The Sr Incident Responder will be part of a dynamic, growing team, planning, preparing, hunting for, and responding to cyber incidents stemming from internal and external threat actors. Demonstration of leadership abilities in a large corporate environment as well as a strong comprehension of malware, emerging threats and calculating risk will be critical to success. Finally, this role requires the ability to work with minimal direction from Incident Response and company leadership.

**Essential Responsibilities:**

+ Lead technical aspects of digital security incident detectionand response,focusingon every incidents and high-risk events

+ Specialize in network-centric analysis (NSM), host-centricanalysis (liveresponse,digital forensics), malware analysis, and/or log-centric(event) analysis (SIEM)

+ Performdaily response operations act as escalation points (local point of contactduring incident resolution) for Information Security Incident Analysts, providingthe necessary help in the respective shift

+ Maintain awareness of changing processes,procedures, and standards critical to job performance

+ Write signatures/ rules in Suricata, Splunk and Yara – Tune system/ toolsrelated alerts/ reports

+ Mentor and train Incident Responders as required

+ Hands on experience in responding to, containing and remediatinglive security incidents is essential

+ Ensuring all Incidents and Service Requestsare logged and resolved properly, containing good quality information within to allow effective management and reporting

+ Communicate both proactively and reactivelywith all users, technical resolving teams (BRTs) and 3rd parties


+ Degreein Computer Science or a related technical degree, or strong IT experience

+ Experience detecting and responding to cyber intrusions in anOperations Technologyenvironment or previous hands-on experience in the information securityfield

+ Must be willing to work in shifts to work across global timezones

**Desired Characteristics:**

Technical Expertise:

• The best candidates for the role work well with other people and have strong verbal and written communication skills, a sense of diplomacy, and decision making skills to handle the often fast-paced role of an incident handler

• Strong verbal and written communication skills

• Detailed understanding of APT, Cyber Crime and other associated tactics

• Strong track record of understanding and interest in recognized IT and OT security-related standards and technologies, demonstrated through training, job experience and/or industry

• Knowledge of and/or working on GE OT products

• Professional experience with Cyber Security, Operations Security, Product Security, Industrial Control Systems (ICS), Information Assurance, and Information Technology

• Experience with host based detection and prevention suites (McAfee EPO, OSSEC, Yara, MIR, CarbonBlack, Tanium, etc.)

• Experience with host-centric tools for forensic collection and analysis (SleuthKit, Volatility Framework, FTK, Encase, etc.)

• Experience with Network Forensics and/or Network Security Monitoring (NSM) tools (Snort, Bro-IDS, PCAP, tcpdump, etc.) and analysis techniques (alert, flow/session and PCAP analysis)

• Experience with malware and reverse engineering (Dynamic and static analysis)

• Strong IT infrastructure background including familiarity with the following:

• Networking (TCP/IP, UDP, Routing)

• Applications (HTTP, SMTP, DNS, FTP, SSH, etc.)

• Encryption (DES, AES, RSA) and hashing algorithms (MD5, SHA-1, etc.)

• System/Application vulnerabilities and exploitation

• Operating systems (Windows, *Nix, and Mac)

• Cloud technology (SaaS, IaaS, PaaS) and associated digital forensics and incident response techniques

• CISSP, CISM or related SANs certifications preferred

• Working knowledge of secure communication methods, including Secure Shell, S/MIME and PGP/GPG


**About Us:**

GE (NYSE:GE) drives the world forward by tackling its biggest challenges. By combining world-class engineering with software and analytics, GE helps the world work more efficiently, reliably, and safely. GE people are global, diverse and dedicated, operating with the highest integrity and passion to fulfill GE’s mission and deliver for our customers.

**Locations:** Hungary; Budapest

click here for more details and apply to position

Tipical Questions
Why Is There A Gap In Your Work History? Employers understand that people lose their jobs and it's not always easy to find a new one fast. When answering this question, list activities you'??ve been doing during any period of unemployment. Freelance projects, volunteer work or taking care of family members all let the interviewer know that time off was spent productively.
Questions to ask
Who previously held this position? This seemingly straightforward question will tell you whether that person was promoted or fired or if he/she quit or retired. That, in turn, will provide a clue to whether: there’s a chance for advancement, employees are unhappy, the place is in turmoil or the employer has workers around your age.