GE Vernova is seeking a Lead Cybersecurity Engineer to oversee product cybersecurity compliance and vulnerability management for its Operational Technology portfolio. This role involves developing cybersecurity policies, conducting risk assessments, and leading technical design reviews to ensure adherence to industry standards and regulations.
Responsibilities:
- Lead the development, implementation, and monitoring of cybersecurity policies and procedures aligned with industry standards such as IEC 62443, NERC CIP, ISO 27001, and NIST
- Develop and execute comprehensive product and system certification plans, serving as the primary technical lead for IEC 62443 certification processes
- Perform high-level product and system gap assessments, identifying misalignments between current state and regulatory requirements
- Coordinate with external auditors and regulatory bodies, ensuring all documentation related to compliance and audit activities is accurate and up to date
- Take ownership of the vulnerability management program, conducting moderate-to-complex system-level analysis to identify and remediate security weaknesses
- Solve complex technical problems with limited guidance, leveraging cross-product linkages and expertise to develop peer-reviewed remediation solutions
- Conduct deep-dive risk assessments to identify potential threats. Develop and implement proactive strategies to mitigate risks and improve the overall security posture of the product portfolio
- Develop and execute program plans, including defining work tasks, project scope, and schedules
- Lead and support technical design reviews, ensuring cybersecurity 'secure by design' principles are integrated from inception
- Identify potential improvements in tools and technologies. Proactively solicit feedback from horizontal teams to implement faster, simpler, and more impactful cybersecurity processes
- Actively participate in the technical mentoring program, supporting the growth of junior engineers and sharing domain expertise
- Anticipate internal and external client needs, resolving complex security or compliance issues quickly and effectively
- Foster a positive team spirit by sharing ideas and information, and acknowledging the success of others
Requirements:
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field
- Minimum of 5 years' experience in cybersecurity compliance, vulnerability management, or a related technical field
- Minimum of 3 years' experience with OT-specific frameworks (e.g., IEC 62443, NERC CIP)
- Battery Energy Storage design or operations experience
- Proficiency in vulnerability scanning tools (e.g., Nessus, Qualys) and risk assessment methodologies
- Strong organizational skills with the ability to manage departmental operations and execution independently
- CISSP, CISM, or equivalent professional cybersecurity certification