Responsable architecture système cybersécurité - H-F at Ge Vernova in Stafford, England, United Kingdom | Kablio

Role

Description

vulnerability assessment

cyber audits

architecture audits

security training

reference architecture

security certification

If needed by Business Lines, could support directly project teams to ensure all relevant engineering artifacts are ready and verified, and ensure tracking.
Conduct vulnerability assessment in complex systems and maintain the vulnerability assessment methodology.
Effectuer des audits internes réguliers sur les aspects cybersécurité de nos processus d’ingénierie afin de s’assurer de leur conformité et de leur amélioration continue.
Apporter un support aux Lignes de Produits pour les artifacts d’ingénierie, les valider et s’assurer que les documentations soient à jour.
Contribuer avec les Lignes de Produits aux audits d’architecture et de sécurité pour les projets complexes.
Support Business Lines into performing architecture audits for existing complex projects.
Develop and conduct relevant security training for various internal audience, such as project engineers and architects.
Contribute to the Product Security Governance: compliance with GEV Policies, international Standards and regulations.
Support Business Lines for the Incident and Vulnerability Management compliance according to GEV Policies.
Oversee the development of documentation on process, standards and guidance related to engineering cybersecurity for complex systems.
Définir et maintenir la répartition des responsabilités, les architectures de références et assurer l’interopérabilité de l’ingénierie sur les aspects cybersécurité, dont la documentation, en conformité avec les politiques GE Vernova.
Réaliser des évaluations de vulnérabilités sur les systems complexes et maintenir les méthodologies associées.
Support tendering and engineering functions to ensure high quality, high secure complex systems delivery.
Piloter les documentations relatives à la cybersécurité des systèmes complexes : processus, recommendations, procédures.
Share best practices and lessons learned and continuously update the technical cyber security architecture, based on changing technologies, in collaboration with product security community, domain architects and experts.
Perform regular internal audit on the engineering processes to evaluate compliance and identify improvement in both the process itself and its implementation in Business Lines from a cyber perspective.
Maintain the Division of Responsibility, reference architectures, and interoperability standards for engineering, including documentation, while ensuring compliance to GEV Policies.
Coordinate and contribute to complex systems (IEC 62443-3-3) and system integrator (IEC 62443-2-4) certifications.
Apporter un support aux Lignes de Produits pour les appels d’offre et les fonctions d’ingénierie projet pour assurer le niveau de qualité et la livraison de systèmes complexes au niveau de sécurité souhaité.

Requirements

penetration testing

iec 62443

scada

linux

bachelor

english

Excellentes capacités de communication et maîtrise de l'anglais écrit et oral
Contribuer à la gouvernance sécurité des produits : conformité aux politiques internes, aux standards et régulations.
Experience with penetration testing and vulnerability assessment
Expérience confirmée sur les architectures systems du secteur électrique, minimum 5 ans
Bachelor en informatique ou spécialisation « STEM » (sciences, technologie, ingénierie et mathématiques
Strong interpersonal and leadership skills
Connaissances approfondie des frameworks, standards et régulations relatifs à la cybersécurité en environnement OT : NERC CIP, IEC 62443, IEEE 1686, IEC 62351, Directive NIS2, NCSC CAF, AES CAF, NIST, etc.
Veille sur les standards cybersécurité et compréhension du paysage (acteurs, tendances, technologies, stratégies possibles)
Coordonner et contribuer aux certifications liées aux systèmes complexes (IEC 62443-3-3) et au rôle d’intégrateur système (IEC 62443-2-4)
In-depth knowledge of industrial control systems, SCADA architectures, and communication protocols, including Modbus, DNP3/IEC 104 and IEC 61850.
Connaissance approfondie des systèmes industriels et de leurs contraintes, SCADA, DMZ, architectures, et protocoles de communication, notamment Modbus, DNP3/IEC 104 et IEC 61850
GEV leadership behaviors: deliver with focus, lead with transparency and act with humility
Bachelor’s Degree in Engineering, Computer Science, or Information Technology from an accredited university
Experience with Telecom and Network Equipment (Routers, Switches, Firewalls)
Pro-activeness, sense of urgency, resistance to pressure, autonomy; ability to interact with multiple functions and teams worldwide
Demonstrated experience with systems architecture in electric sector and associated documentation
Ability to work effectively in a team and across functions, partnering with other teams in a worldwide environment
Symmetric and asymmetric cryptography and PKI infrastructure
Minimum 3 ans d’expérience sur la conception d’architectures sécurisées design, DMZ, appliances de sécurité, de préférence en environnement Operational Technology (OT)
Expérience avec les équipements telecom et réseau (routeurs, switches, firewalls)
Partager les bonnes pratiques et retours d’expérience, mettre à jour en continu les recommandations techniques en tenant compte de l’évolution des technologies, en collaboration avec la communauté « sécurité produit », les architectures et experts.
Continuous improvement mindset
Fluent English speaking and writing mandatory
Strong oral and written communication skills
Experience with security technologies, such as
Encryption, TLS, RSA and code signing
Capacités à travailler efficacement en équipe, avec différents départements, dans un environnement international
Proven experience with cybersecurity frameworks and standards relevant to OT environments, such as NERC CIP, IEC 62443, IEEE 1686, IEC 62351 as well experience with NIS Directive, NCSC CAF, AES CAF, NIST
Awareness of latest technical developments in the cyber security community
Virtualisation solutions (VMWare, Hyper-V, Proxmox, etc.)
Cyber security certification (ex. ISC2, SANS, ISACA, CISSP, ISA) is a plus
Les certifications de sécurité sont un plus (ex. ISA, CISSP, SANS, ISACA)
Demonstrated experience with Linux, VxWorks and Windows operating systems including user account management, security / system hardening, device control, and patch management.
Minimum 3 years of experience in secure architectures design, DMZ, security appliances, preferably in an Operational Technology (OT) environment
LDAP, RADIUS, SSH, SFTP, HTTPS, SYSLOG
Contribuer à la gestion des incidents et vulnérabilités des systèmes, en conformité avec les politiques internes, en appui des Lignes de Produits.
Transmettre et former en interne sur les sujets liés aux standards cybersécurité, notamment pour une audience R&D, ingénieurs, commerciaux, architectes, responsable produit
Compétences interpersonnelles et leadershi
Excellent oral and written communication skills
Demonstrated knowledge and understanding of network communications protocols in the TCP/IP network stack.
Strong customer service mind-set

Benefits

Information not given or found

Training + Development

Information not given or found

Interview process

Information not given or found

Visa Sponsorship

Information not given or found

Security clearance

Information not given or found

Company

Overview

April 2024

Founded

The company emerged from the spin-off of GE's energy units in April 2024.

>$10B Quarterly Revenue

Revenue Growth

Achieves over $10 billion in quarterly revenue, driven by demand for power infrastructure and digital solutions.

$3B

Wind Turbine Backlog

Maintains a significant backlog in wind turbine orders, reflecting strong market demand.

25%

Global Electricity Supply

Contributes to generating 25% of the world’s electricity through its installed turbines and grids.

Traces roots back to Edison and Alstom, merging power, renewable, digital & financial wings.
Headquartered in Cambridge, MA, crafts large-scale gas turbines, SMRs, wind turbines, hydro and grid tech to fuel economies.
On the nuclear front, advancing small modular reactors (like BWRX‑300) in partnership with utilities and supporting semiconductor projects.
Wind prowess spans onshore, offshore and blade making—with key sites like Dogger Bank offshore and blade plants in Spain.
Electrification arm tackles grid stability: HVDC, transformers, storage, conversion, plus GridOS software powering smarter infrastructure.
Weaves finance and consulting through energy-infrastructure investments, funding solar farms to pipelines via GE Energy Financial Services.

Culture + Values

Relentlessly focused on advancing the world’s transition to cleaner, more sustainable energy.
Believes in working with customers, partners, and communities to create innovative energy solutions that make a meaningful difference.
Prioritizes excellence, integrity, and accountability in everything they do.
Committed to driving real change through technology and partnerships that will transform the global energy landscape.

Environment + Sustainability

2050 target

Net zero commitment

Committed to achieving net zero carbon emissions by 2050.

Focused on reducing emissions through advanced energy technologies.
Maximizing use of renewable energy sources and leveraging digital solutions for energy efficiency.
Solutions aim to decarbonize industries and help customers meet their sustainability goals.

Inclusion & Diversity

Articles

Contact GE Vernova

Our Approach to Sustainability

Careers at GE Vernova

Role

Description

vulnerability assessment

cyber audits

architecture audits

security training

reference architecture

security certification

If needed by Business Lines, could support directly project teams to ensure all relevant engineering artifacts are ready and verified, and ensure tracking.
Conduct vulnerability assessment in complex systems and maintain the vulnerability assessment methodology.
Effectuer des audits internes réguliers sur les aspects cybersécurité de nos processus d’ingénierie afin de s’assurer de leur conformité et de leur amélioration continue.
Apporter un support aux Lignes de Produits pour les artifacts d’ingénierie, les valider et s’assurer que les documentations soient à jour.
Contribuer avec les Lignes de Produits aux audits d’architecture et de sécurité pour les projets complexes.
Support Business Lines into performing architecture audits for existing complex projects.
Develop and conduct relevant security training for various internal audience, such as project engineers and architects.
Contribute to the Product Security Governance: compliance with GEV Policies, international Standards and regulations.
Support Business Lines for the Incident and Vulnerability Management compliance according to GEV Policies.
Oversee the development of documentation on process, standards and guidance related to engineering cybersecurity for complex systems.
Définir et maintenir la répartition des responsabilités, les architectures de références et assurer l’interopérabilité de l’ingénierie sur les aspects cybersécurité, dont la documentation, en conformité avec les politiques GE Vernova.
Réaliser des évaluations de vulnérabilités sur les systems complexes et maintenir les méthodologies associées.
Support tendering and engineering functions to ensure high quality, high secure complex systems delivery.
Piloter les documentations relatives à la cybersécurité des systèmes complexes : processus, recommendations, procédures.
Share best practices and lessons learned and continuously update the technical cyber security architecture, based on changing technologies, in collaboration with product security community, domain architects and experts.
Perform regular internal audit on the engineering processes to evaluate compliance and identify improvement in both the process itself and its implementation in Business Lines from a cyber perspective.
Maintain the Division of Responsibility, reference architectures, and interoperability standards for engineering, including documentation, while ensuring compliance to GEV Policies.
Coordinate and contribute to complex systems (IEC 62443-3-3) and system integrator (IEC 62443-2-4) certifications.
Apporter un support aux Lignes de Produits pour les appels d’offre et les fonctions d’ingénierie projet pour assurer le niveau de qualité et la livraison de systèmes complexes au niveau de sécurité souhaité.

Requirements

penetration testing

iec 62443

scada

linux

bachelor

english

Excellentes capacités de communication et maîtrise de l'anglais écrit et oral
Contribuer à la gouvernance sécurité des produits : conformité aux politiques internes, aux standards et régulations.
Experience with penetration testing and vulnerability assessment
Expérience confirmée sur les architectures systems du secteur électrique, minimum 5 ans
Bachelor en informatique ou spécialisation « STEM » (sciences, technologie, ingénierie et mathématiques
Strong interpersonal and leadership skills
Connaissances approfondie des frameworks, standards et régulations relatifs à la cybersécurité en environnement OT : NERC CIP, IEC 62443, IEEE 1686, IEC 62351, Directive NIS2, NCSC CAF, AES CAF, NIST, etc.
Veille sur les standards cybersécurité et compréhension du paysage (acteurs, tendances, technologies, stratégies possibles)
Coordonner et contribuer aux certifications liées aux systèmes complexes (IEC 62443-3-3) et au rôle d’intégrateur système (IEC 62443-2-4)
In-depth knowledge of industrial control systems, SCADA architectures, and communication protocols, including Modbus, DNP3/IEC 104 and IEC 61850.
Connaissance approfondie des systèmes industriels et de leurs contraintes, SCADA, DMZ, architectures, et protocoles de communication, notamment Modbus, DNP3/IEC 104 et IEC 61850
GEV leadership behaviors: deliver with focus, lead with transparency and act with humility
Bachelor’s Degree in Engineering, Computer Science, or Information Technology from an accredited university
Experience with Telecom and Network Equipment (Routers, Switches, Firewalls)
Pro-activeness, sense of urgency, resistance to pressure, autonomy; ability to interact with multiple functions and teams worldwide
Demonstrated experience with systems architecture in electric sector and associated documentation
Ability to work effectively in a team and across functions, partnering with other teams in a worldwide environment
Symmetric and asymmetric cryptography and PKI infrastructure
Minimum 3 ans d’expérience sur la conception d’architectures sécurisées design, DMZ, appliances de sécurité, de préférence en environnement Operational Technology (OT)
Expérience avec les équipements telecom et réseau (routeurs, switches, firewalls)
Partager les bonnes pratiques et retours d’expérience, mettre à jour en continu les recommandations techniques en tenant compte de l’évolution des technologies, en collaboration avec la communauté « sécurité produit », les architectures et experts.
Continuous improvement mindset
Fluent English speaking and writing mandatory
Strong oral and written communication skills
Experience with security technologies, such as
Encryption, TLS, RSA and code signing
Capacités à travailler efficacement en équipe, avec différents départements, dans un environnement international
Proven experience with cybersecurity frameworks and standards relevant to OT environments, such as NERC CIP, IEC 62443, IEEE 1686, IEC 62351 as well experience with NIS Directive, NCSC CAF, AES CAF, NIST
Awareness of latest technical developments in the cyber security community
Virtualisation solutions (VMWare, Hyper-V, Proxmox, etc.)
Cyber security certification (ex. ISC2, SANS, ISACA, CISSP, ISA) is a plus
Les certifications de sécurité sont un plus (ex. ISA, CISSP, SANS, ISACA)
Demonstrated experience with Linux, VxWorks and Windows operating systems including user account management, security / system hardening, device control, and patch management.
Minimum 3 years of experience in secure architectures design, DMZ, security appliances, preferably in an Operational Technology (OT) environment
LDAP, RADIUS, SSH, SFTP, HTTPS, SYSLOG
Contribuer à la gestion des incidents et vulnérabilités des systèmes, en conformité avec les politiques internes, en appui des Lignes de Produits.
Transmettre et former en interne sur les sujets liés aux standards cybersécurité, notamment pour une audience R&D, ingénieurs, commerciaux, architectes, responsable produit
Compétences interpersonnelles et leadershi
Excellent oral and written communication skills
Demonstrated knowledge and understanding of network communications protocols in the TCP/IP network stack.
Strong customer service mind-set

Benefits

Information not given or found

Training + Development

Information not given or found

Interview process

Information not given or found

Visa Sponsorship

Information not given or found

Security clearance

Information not given or found

Company

Overview

April 2024

Founded

The company emerged from the spin-off of GE's energy units in April 2024.

>$10B Quarterly Revenue

Revenue Growth

Achieves over $10 billion in quarterly revenue, driven by demand for power infrastructure and digital solutions.

$3B

Wind Turbine Backlog

Maintains a significant backlog in wind turbine orders, reflecting strong market demand.

25%

Global Electricity Supply

Contributes to generating 25% of the world’s electricity through its installed turbines and grids.

Traces roots back to Edison and Alstom, merging power, renewable, digital & financial wings.
Headquartered in Cambridge, MA, crafts large-scale gas turbines, SMRs, wind turbines, hydro and grid tech to fuel economies.
On the nuclear front, advancing small modular reactors (like BWRX‑300) in partnership with utilities and supporting semiconductor projects.
Wind prowess spans onshore, offshore and blade making—with key sites like Dogger Bank offshore and blade plants in Spain.
Electrification arm tackles grid stability: HVDC, transformers, storage, conversion, plus GridOS software powering smarter infrastructure.
Weaves finance and consulting through energy-infrastructure investments, funding solar farms to pipelines via GE Energy Financial Services.

Culture + Values

Relentlessly focused on advancing the world’s transition to cleaner, more sustainable energy.
Believes in working with customers, partners, and communities to create innovative energy solutions that make a meaningful difference.
Prioritizes excellence, integrity, and accountability in everything they do.
Committed to driving real change through technology and partnerships that will transform the global energy landscape.

Environment + Sustainability

2050 target

Net zero commitment

Committed to achieving net zero carbon emissions by 2050.

Focused on reducing emissions through advanced energy technologies.
Maximizing use of renewable energy sources and leveraging digital solutions for energy efficiency.
Solutions aim to decarbonize industries and help customers meet their sustainability goals.

Inclusion & Diversity

Articles

Contact GE Vernova

Our Approach to Sustainability

Careers at GE Vernova