Director - Cyber Security

Job Description Summary

The Director – Cyber Security is accountable for providing strategic leadership for the GE Aerospace Cybersecurity Response Team (GCRT). This role is responsible for leading a global team of cybersecurity SOC analysts and incident responders to triage alerts and notables, detect and analyze potential cybersecurity threats, and contain and remediate cybersecurity incidents. This role manages the strategy for working with Managed Detection and Response (MDR) partners and is focused on continuous improvement to increase performance against KRIs and KPIs.

• Define and execute the global SOC and incident response strategy, aligned to enterprise risk, regulatory requirements, and business priorities to identify and mitigate cybersecurity threats
• Lead 24x7 SOC operations across regions, ensuring consistent detection, triage, containment, and recovery processes with clear escalation paths
• Design and develop incident response capabilities to increase effectiveness, integrating across architecture, detection engineering, SIEM, SOAR, endpoint, network, cloud, identity, email, OTN, and other platforms
• Lead major incident response efforts with some nontraditional working hours including technical actions to contain and remediate cybersecurity incidents and complete forensic investigations
• Operate a hybrid SOC model with clear roles and responsibilities while managing performance oversight and accountability of strategic MDR partners and incident response service providers
• Benchmark program capabilities against industry standards and peer organizations and ensure compliance with relevant regulations and standards for data protection and cybersecurity.
• Stay informed with the latest trends and technologies in cybersecurity to continuously enhance the organization's defenses.
• Recruit, develop, and retain global talent, offering feedback and growth opportunities; establish on-call rotations, training, certifications, and career paths to strengthen team capability
• Manage team deliverables, setting goals and priorities throughout the year, and manage budgets related to scope of team
• Communicate effectively both within immediate team and GE leadership. Ensure team receives consistent messages and has clear understanding of business direction, strategy and results

​Bachelor’s degree from accredited university or college with minimum of 8 years of professional experience OR associate’s degree with minimum of 11 years of professional experience OR High School Diploma with minimum of 13 years of professional experience

Minimum 5 years of professional experience in Cybersecurity Incident Response or Digital Technology (DT)

Note:

Military experience is equivalent to professional experience

• Legal authorization to work in the U.S. is required. We will not sponsor individuals for employment visas, now or in the future, for this job.
• This role requires the successful candidate to maintain a US Government Security Clearance; prerequisite for a security clearance is U.S. Citizenship. Preference will be given to candidates who currently hold US Government Security Clearance.

• Knowledge of aerospace and defense industries or GE Aerospace enterprise and cyber threats
• Deep knowledge of cybersecurity threat detection, APT and cyber-crime threat actors, and cybersecurity frameworks, tools, and technologies
• Prior experience in leading SOC or CIRT teams, cybersecurity incident response or investigations, and data forensics
• Experience with a SIEM, SOAR, and threat detection across multiple attack surfaces including endpoint, network, cloud, identity, email, and OT
• Familiarity with DoD and CMMC security and regulatory requirements
• Understanding of Intelligence Driven Defense concepts including the MITRE ATT&CK Framework, and tactics, techniques, and procedures (TTPs) related to detecting potential cybersecurity threats
• Proven ability to lead, mentor, and inspire a team of cybersecurity professionals
• Ability to solve very complex security issues that span legal, compliance and regulatory obligations
• Demonstrated thought…