• Support development and delivery of cybersecurity services • Engage with insured clients for risk management • Act as liaison between insureds and underwriting team • Analyze data to identify threat scenarios

Role Description As a Lead Cybersecurity Engineer, you will be responsible for the planning, execution, and departmental operations of product cybersecurity compliance and vulnerability management for GE Vernova’s Operational Technology (OT) portfolio. This role requires a high degree of technical domain expertise to ensure products meet rigorous industry standards and regulations. You will have the autonomy to modify procedures and practices to ensure end results meet standards of quality, volume, and timeliness while maintaining a robust security posture across the product. Qualifications - Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field. - Minimum of 5 years’ experience in cybersecurity compliance, vulnerability management, or a related technical field. - Minimum of 3 years’ experience with OT-specific frameworks (e.g., IEC 62443, NERC CIP). Requirements - Lead the development, implementation, and monitoring of cybersecurity policies and procedures aligned with industry standards such as IEC 62443, NERC CIP, ISO 27001, and NIST. - Develop and execute comprehensive product and system certification plans, serving as the primary technical lead for IEC 62443 certification processes. - Perform high-level product and system gap assessments, identifying misalignments between current state and regulatory requirements. - Coordinate with external auditors and regulatory bodies, ensuring all documentation related to compliance and audit activities is accurate and up-to-date. - Take ownership of the vulnerability management program, conducting moderate-to-complex system-level analysis to identify and remediate security weaknesses. - Solve complex technical problems with limited guidance, leveraging cross-product linkages and expertise to develop peer-reviewed remediation solutions. - Conduct deep-dive risk assessments to identify potential threats. Develop and implement proactive strategies to mitigate risks and improve the overall security posture of the product portfolio. - Develop and execute program plans, including defining work tasks, project scope, and schedules. - Lead and support technical design reviews, ensuring cybersecurity "secure by design" principles are integrated from inception. - Identify potential improvements in tools and technologies. Proactively solicit feedback from horizontal teams to implement faster, simpler, and more impactful cybersecurity processes. - Actively participate in the technical mentoring program, supporting the growth of junior engineers and sharing domain expertise. - Anticipate internal and external client needs, resolving complex security or compliance issues quickly and effectively. - Foster a positive team spirit by sharing ideas and information, and acknowledging the success of others. Benefits - Medical, dental, vision, and prescription drug coverage. - Access to Health Coach from GE Vernova, a 24/7 nurse-based resource. - Access to the Employee Assistance Program, providing 24/7 confidential assessment, counseling, and referral services. - Retirement benefits including the GE Vernova Retirement Savings Plan, a tax-advantaged 401(k) savings opportunity with company matching contributions and company retirement contributions. - Access to Fidelity resources and financial planning consultants. - Tuition assistance. - Adoption assistance. - Paid parental leave. - Disability benefits. - Life insurance. - 12 paid holidays. - Permissive time off.

• Develop and maintain strong relationships with key stakeholders in the business and IT • Act as the key liaison and esteemed business partner for functional stakeholders • Provide insights for development of IT strategies, policies, and governance frameworks • Collaborate with leadership and cross-functional teams • Lead the function/project specific IT budgeting & resource planning • Proactively engage with business leaders to identify opportunities • Ensure compliance with regulations, industry standards, and security policies • Facilitate the adoption of tools and processes across the organization • Manage risks, issues, and dependencies for strategic IT initiatives

• Manage and harden security baselines across on-prem, hybrid, and cloud systems, ensuring strong protection while maintaining speed and usability. • Integrate telemetry, logging, tracing, and management of structured, semi-structured, and unstructured data across the entire environment to provide unified and comprehensive observability into infrastructure and application activity. • Lead vulnerability management, patching, and configuration assurance programs to reduce exposure and maintain a consistent security posture. • Partner with infrastructure, IT, and application teams to strengthen identity, access, and network security through Okta, Google Workspace, and FreeIPA. • Implement and maintain zero-trust network architectures, SASE controls, CASB solutions, and conditional access policies that protect both users and data across environments to ensure full access and full control of our data and IP regardless of location or device. • Operate and enhance security operations tooling, including SIEM, SOAR, and EDR/XDR platforms, to ensure comprehensive monitoring and rapid detection of threats. • Develop and tune detection logic, automation, and playbooks for identifying and responding to threats such as insider activity, lateral movement, and anomalous behavior. • Investigate and respond to security incidents, performing root-cause analysis, containment, and remediation while coordinating with engineering and IT. • Build automation, scripts, AI agents, and integrations that streamline monitoring, alerting, and remediation workflows to improve efficiency and reliability. • Establish metrics, dashboards, and feedback mechanisms to measure detection coverage, response time, and overall security health. • Promote a culture of security awareness and ownership across engineering teams, ensuring that protection and productivity advance together.