Job Description Summary
The Grid Automation (GA) Lead Engineer - Cybersecurity Consultant has the mission to contribute to GA growth by assisting in the cybersecurity sales process (including demos and bid responses), as well as the execution and delivery of various cybersecurity offerings at the customer’s locations on an as-needed basis.
As a key member of a global and matrixed design team, Lead Engineer – Cybersecurity Consultant is has the mission to support GA Services growth and is responsible for leading the security testing for GA cybersecurity products/solutions, analyzing cybersecurity data, conducting various cybersecurity assessments at customer locations, meeting with global stakeholders, supporting on tendering process for cybersecurity projects, leading cybersecurity projects from engineering to FAT as per GA project lifecycle.
Job Description
ESSENTIAL RESPONSIBILITIES:
Lead reviews, suggest architectural changes, conduct tests to ensure Grid Automation meets our customers’ cybersecurity requirements. Collaborates with a broad global team of Grid Automation staff both within each Region, as well as at GA main or factory locations. The position requires a clear understanding of OT (operational technology) Systems, design architectures, major cybersecurity industry standards, and conversant with all cybersecurity requirements within the energy sector.
The Lead Engineer - Cybersecurity Consultant should be comfortable making design decisions in a sometimes-uncertain context, crafting innovative cybersecurity solutions, and demonstrating rigorous and decisive leadership to meet customer’s cybersecurity requirements.
As the Lead Engineer - Cybersecurity Consultant, you will:
- Serve as leader and cybersecurity subject matter expert (SME) for high profile, innovative utility & industrial security initiatives.
- Work together with regional tendering teams to respond to customer’s cybersecurity requests to properly scope out all requirements.
- Collaborate with various regional leads to define and develop top level cybersecurity requirements, architectures, and designs.
- Facilitate decisions and bring teams together to design and document cybersecurity architectures and environments at customer locations.
- Assist the Sales Operations teams in responding to demo requests, RFPs (request for proposal), and other Bid/Tender requests.
- Development and delivery of proposals and scope of work documents. Conducting security reviews and assessments of clients’ operational technology and ICS security risk landscapes to advise on enhancements, and develop strategies, roadmaps, and new operating models to help clients achieve these enhancements.
- Provide in depth knowledge of industrial cybersecurity network architecture and cybersecurity best practices.
- Perform technical presentations and demos for customers, partners, and prospects; lead development of proposals for assigned opportunities.
- Work with the GA Cybersecurity team to create new product and service offerings to reduce cyber risk in ICS environments.
- Lead safe vulnerability assessment and penetration testing engagements in industrial & OT environments and take ownership in writing actionable reports.
- Perform cybersecurity audits and risk assessments based on IEC 62443 and NERC-CIP; provide training for internal and external customers; write and participate in acceptance tests; troubleshoot system issues and provide solutions.
- Lead design, implementation, and management of advanced security technologies for network and systems security within industrial & utility environments
- Design and build the infrastructure required (Cybersecurity Lab) for internal offerings validation and customer remote support.
- Lead and champion testing and validation of critical cybersecurity architectures, products, solutions, and services – either from 3rd-party vendors or from GE Vernova.
- Mentor, develop, coach, and mentor the regional cybersecurity delivery teams (customer engineers) to strengthen their overall technical and business capabilities.
- Develop and conduct training on a variety of cybersecurity topics for the Regions and GA staff as needed.
- Influence future GA products cybersecurity features based on learnings.
- Stay current with Cybersecurity standards evolution, industry trends, customers’ expectations.
- Understand competitors’ offerings, industry trends, customers’ behavior.
- Stay connected with the market dynamics, engage with GA customers to understand their cybersecurity needs / pain-points, and translate them into new cybersecurity sales opportunities.
- Present the Grid Automation cybersecurity offerings to customers in a variety of locations – including trade shows and events.
- Develop sophisticated cybersecurity designs for customer environments.
- Understand competitors’ offerings, industry trends, customers’ behavior.
- Lead and champion testing and validation of critical cybersecurity architectures, products, solutions, and services – either from 3rd-party vendors or from GE Vernova.
- Produce technical documentation for cybersecurity architectures, designs, assessments, and verification plans.
- Manage / maintain cybersecurity lab (equipment and software) at HTC location.
- Mentor, develop, coach, and mentor the regional cybersecurity delivery teams (customer engineers) to strengthen their overall technical and business capabilities.
- Develop and conduct training on a variety of cybersecurity topics for the Regions and GA staff as needed.
- Design, scope, install, and configure all components of customer cybersecurity projects.
- Experience with Microsoft 365 applications (e.g., Excel, PowerPoint, and Word), Microsoft Teams, and Microsoft SharePoint.
- Experience with Box, OneDrive, Smartsheet, Adobe, Tableau, and SFDC.
- Willingness and the ability to participate in video meetings that occasionally happen early in the morning, or later in the evening.
- Global travel on an as needed basis – can be as high as 50% during peak periods.
QUALIFICATIONS/REQUIREMENTS:
- Minimum of a Bachelor’s degree from an accredited university in Cybersecurity, Engineering, Computer Science, or Information Technology
- Minimum 5 years of experience in providing cybersecurity services and solutions in an industrial control systems environment.
- Familiar with penetration testing, ethical hacking, cybersecurity assessments, Operating System hardening, general computing system hardening, network architecture, Zero Trust and VPN configurations, SIEM, IDS/IPS, application whitelisting, etc.
- Familiar with fundamentals of cryptography
- Worked on Cybersecurity tools and solutions like Wireshark, NESSUS, Burp Suite, Nmap, Nozomi, Claroty, Splunk, Dragos, Xona, Acronis, Ivanti, etc.
- Worked on Active Directory, LDAP, RADIUS, TLS, SSH, SFTP, RSA, HTTPS, Certificate Management / PKI systems, and hardening w.r.t CIS benchmarks for critical assets like switches, windows-based workstation, and controllers.
- Demonstrated experience with Linux, and Microsoft Windows operating systems including user account management, security / system hardening & device control, and patch management.
- Familiarity with NERC-CIP, NIST, IEC62351 standards, cyber asset protection regulations and standards, and OT communication protocols, IEC61850, DNP, ISA/IEC 62443 standards, ABS guidelines, and IEC 60870-5-104, as well as others affecting the utilities industry.
- Familiar with firewall, SIEM, NIDS, HIDS configuration and deployment.
- Certifications like CCNA, CEH, Security+, CISSP, GICSP, PNPT, and IEC62443 will be an added advantage.
- Demonstrated experience with risk assessment according to IEC 62443 and regulatory compliance audit according to NERC-CIP
- Strong customer service mind-set.
DESIRED CHARACTERISTICS:
- Ability to work comfortably in a global organization with people from many different cultures and backgrounds.
- Bi-lingual or multilingual is highly desired, and a huge plus.
- Ability to interface with, and influence all levels of the customer’s organization, as well as other internal GE Vernova functions, and be able to converse in detail about a broad amount of cybersecurity topics.
- Has a good handle on where the cybersecurity industry is headed, when, and why.
- Strong account management, sales, and consulting presence.
- Strong customer advisory (trusted advisor) and advocacy skills.
- Strong business acumen and commercial savvy.
- Strong customer service mindset – customer first mentality.
- Strong business and financial acumen and operating background.
- Solid oral and written communication and training skills.
- Strong interpersonal and leadership skills.
- Strong team player with a desire to go the extra mile when needed.
- Demonstrated track record of success with cybersecurity proposal responses.
- Excellent technical written and verbal communication skills.
- Proven cybersecurity project management and execution experience
Additional Information
Relocation Assistance Provided: No