Senior Product Security

GE Vernova

full-time

Posted on: 9/26/2025

Location: 🇺🇸 United States

✨ AI Apply

💰 $158,000 - $210,600 per year

Senior

Cyber SecurityFirewallsLinuxTCP/IP

About the role

Participate in the development and delivery of competitive product cyber security solutions to support targeted growth.
Implement the secure development life cycle (SDL), including security assessment, threat modelling, requirements definition, security architecture and design, penetration testing and secure deployment guide.
Contribute in decisions related to technology choices and design, for alignment with the overall Grid Automation cyber security strategy and roadmap.
Share best practices and lessons learned and continuously update the technical cyber security architecture, based on changing technologies, in collaboration with other product security leads, domain architects and experts.
Recommend and participate in the design and implementation of standards, tools, and methodologies in the research and development community of GE Grid Automation.
Develop and conduct relevant security training for various internal audience, such as product managers, software engineers and technical support.
Implement the cyber security vulnerability and incident process, including vulnerability assessment, solution definition (in collaboration with the development team), communication with external parties where applicable and drafting the security advisories.
Lead a team of product security leads implementing the secure development life cycle (SDL) and the vulnerability and incident process, including security assessment, threat modeling, , requirements definition.

Bachelor’s Degree from an accredited university in Engineering, Computer Science or Information Technology
Minimum 10 years of experience with cyber security, preferably in an Operational Technology (OT) environment.
Demonstrated knowledge and understanding of the TCP/IP network stack, communication protocols and applications, including Modbus, DNP3, IEC61850, HTTPS, LDAP, RADIUS.
Demonstrated experience with Linux, VxWorks and Windows operating systems including user account management, security / system hardening, device control, and patch management.
Experience with Telecom and Network Equipment (Routers, Switches, Firewalls)
Experience with vulnerability assessment tools and penetration testing methodologies.
Knowledge of cyber asset protection regulations and standards affecting the utilities industry including NERC-CIP, NIST, IEC62443, IEC62351
Excellent oral and written communications skills
Ability to work effectively in a team and across functions, partnering with other teams in a worldwide environment
Cyber security certification (ex. ISC2, SANS, ISACA, GICSP)
Experience with programing and scripting languages.
Strong customer service mind-set
Strong interpersonal and leadership skills
For US Based Candidates: The Company will only employ those who are legally authorized to work in the United States for this opening.