Principal Product Security Incident Responder

Job Description

Summary GE Vernova is seeking an experienced Product Security Incident Response Team Principal to lead PSIRT efforts across the business, reporting directly to the VP of Product Cybersecurity. This role manages externally identified product vulnerabilities and incidents across GE Vernova’s business units, coordinates remediation and disclosure across multiple product lines, and runs the company’s CVE Numbering Authority (CNA) program. The PSIRT Leader ensures compliance with EU CRA and other applicable regulatory reporting obligations, partners with the CISO’s CERT and business unit security teams, and may coordinate with law enforcement and E-ISAC as circumstances require. An AI-forward approach is a core expectation. This leader will deploy AI-powered tooling to accelerate triage, automate vulnerability scoring, and scale PSIRT capacity to meet the growing volume of incidents driven by the rapid advancement of AI frontier models—including large language models and autonomous agentic systems—which are expanding the OT attack surface, accelerating exploit development, and lowering the barrier for adversaries targeting critical infrastructure.

Job Description

Key Responsibilities: Vulnerability Management & Coordinated Disclosure Operate the GE Vernova PSIRT, maintaining the policies, processes, and tools to triage, track, and resolve product vulnerabilities across all business units. Manage end-to-end Coordinated Vulnerability Disclosure (CVD), ensuring alignment with industry standards and mandatory EU CRA notification timelines (including ENISA/CSIRT reporting). Lead the CNA (CVE Numbering Authority) program, managing the assignment and lifecycle of CVE records to ensure timely, accurate public disclosures. Product Incident Response Lead responses to product-related cybersecurity incidents at customer sites, coordinating across engineering, legal, and customer-facing teams. Maintain and exercise incident response playbooks and communication templates to ensure rapid, consistent resolution. Deploy AI-powered tools to automate vulnerability scoring, incident triage, and situational awareness to handle high volumes of complex threats. Cross-Functional Partnership & Governance Align PSIRT operations with the CISO’s enterprise CERT function to ensure seamless incident handling and shared situational awareness. Embed PSIRT awareness across Power, Wind, and Electrification business units by establishing liaisons and defined response protocols. Define and report on PSIRT performance metrics (e.g., MTTR, disclosure compliance) for executive leadership and enterprise risk reviews.

Qualifications

Required 8+ years of cybersecurity experience with deep expertise in PSIRT operations, vulnerability management, or product incident response in an industrial/energy context. Proven experience leading a PSIRT function, including hands-on management of coordinated disclosure and customer-facing security incidents. Experience engaging with law enforcement, government agencies, and national authorities regarding sensitive cybersecurity incidents. Deep familiarity with CVE, CVSS, CWE, and standards like ISO/IEC 29147/30111. Bachelor’s degree in a technical discipline. Preferred Direct experience with GE Vernova products or equivalent OT/industrial energy systems. Familiarity with IEC 62443 security standards and energy-sector ISACs (e.g., E-ISAC). Experience building or scaling a PSIRT function from the ground up. Certifications such as CISSP, GCIH, GICSP, or equivalent. Advanced degree in Cybersecurity, Computer Science, or Engineering. Additional Information GE Vernova offers a great work environment, professional development, challenging careers, and competitive compensation. GE Vernova is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law. GE Vernova will only employ those who are legally authorized to work in the United States for this opening. Any offer of employment is conditioned upon the successful completion of a drug screen (as applicable). Relocation Assistance Provided: No #LI-Remote - This is a remote position Application Deadline: June 09, 2026 For candidates applying to a U.S. based position, the pay range for this position is between $147,000.00 and $245,000.00. The Company pays a geographic differential of 110%, 120% or 130% of salary in certain areas. The specific pay offered may be influenced by a variety of factors, including the candidate’s experience, education, and skill set. Bonus eligibility: discretionary annual bonus. This posting is expected to remain open for at least seven days after it was posted on June 02, 2026. Available benefits include medical, dental, vision, and prescription drug coverage; access to Health Coach from GE Vernova, a 24/7 nurse-based resource; and access to the Employee Assistance Program, providing 24/7 confidential assessment, counseling and referral services. Retirement benefits include the GE Vernova Retirement Savings Plan, a tax-advantaged 401(k) savings opportunity with company matching contributions and company retirement contributions, as well as access to Fidelity resources and financial planning consultants. Other benefits include tuition assistance, adoption assistance, paid parental leave, disability benefits, life insurance, 12 paid holidays, and permissive time off. GE Vernova Inc. or its affiliates (collectively or individually, “GE Vernova”) sponsor certain employee benefit plans or programs GE Vernova reserves the right to terminate, amend, suspend, replace, or modify its benefit plans and programs at any time and for any reason, in its sole discretion. No individual has a vested right to any benefit under a GE Vernova welfare benefit plan or program. This document does not create a contract of employment with any individual. Apply To This Job