Senior Application Development Cyber Security Engineer

Here is a 3-sentence summary of the key points in the job posting for a Senior Application Development Cyber Security Engineer position at GE Vernova: 1. The role requires extensive experience in securing operational technology (OT) and industrial control systems (ICS) in the energy/utility sector, with expertise in embedded systems development, industrial protocols, and implementing security standards like IEC 62443. 2. The engineer will be responsible for defining end-to-end cybersecurity architectures, leading technical strategy and security certification efforts, guiding engineering teams on secure development practices, and representing the company in industry forums. 3. While the specific salary range is not mentioned, the job posting highlights the desire for a recognized technical authority with publications, patents, or industry involvement, indicating this is likely a senior-level, leadership position with competitive compensation and benefits.

Job Description Summary

We are seeking a seasoned Cyber Security Engineer to lead the development and integration of secure architectures for critical Transmission & Distribution (T&D) systems.

As a recognized technical authority, you will define cybersecurity strategy across hardware, embedded systems, and software-defined platforms in modern electric grids—spanning protection, control, and energy management technologies for Grid Automation business unit.

You will embed Security by Design and Cyber-Informed Engineering (CIE) principles throughout the product lifecycle, operating at the intersection of operational technology (OT) and information technology (IT). Your work will help drive regulatory compliance, product security, and support both R&D teams and utility customers in securing mission-critical infrastructure.

Job Description

Key Responsibilities:

• Act as the cybersecurity design authority for T&D products, defining end-to-end architectures across hardware, firmware, and cloud-connected systems, advising on secure protocols, cryptography, authentication, and network hardening.
• Translate and implement global regulatory standards (IEC 62443, IEC 61850, IEC 62351, NERC CIP) into product requirements, and lead technical strategy planning, architecture reviews, and security certification efforts.
• Guide engineering teams through threat modeling, secure coding, SDLC best practices, and CIE adoption to mitigate cyber-physical risks affecting safety, reliability, or operations.
• Define and support embedded and software-based security features using C/C++, Python, and modern toolchains, while collaborating on penetration testing, fuzz testing, code reviews, and security simulations.
• Lead cross-functional initiatives with PSL, product management, compliance, field operations, and R&D to align cybersecurity objectives and ensure systems meet resilience and compliance expectations.
• Monitor cybersecurity trends, ICS/OT threat landscapes, and emerging technologies, recommending tools and methods to enhance product security posture.
• Partner with PSL, incident response and product security teams to support vulnerability remediation, post-incident analysis, and contribute to the creation of security documentation, including architecture specs, procedures, and training materials.
• Represent the company in industry forums, standards bodies, and technical panels, and contribute to white papers, patents, and technical publications supporting innovation and thought leadership for Grid Automation.

Required Qualifications:

• Bachelor’s degree in engineering, Computer Science, Cybersecurity, or a related field.
• Minimum of 8 years of engineering experience, with 5 years focused on cybersecurity for embedded or software-defined systems.

Desired Characteristics:

• Professional certifications such as CISSP, GIAC (GPEN/GXPN), CEH, or ISA/IEC 62443 preferred.
• Proven ability to secure OT/ICS environments, preferably within the energy or utilities sector.
• Deep familiarity with industrial protocols (e.g., IEC 61850, DNP3, Modbus, IEEE 2030.5) and relevant cybersecurity standards.
• Experience in embedded system development (C/C++, RTOS), as well as Linux/Windows platforms.
• Strong hands-on background in PKI, identity management, network security appliances, and security monitoring.
• Proficient in threat modeling, risk/vulnerability assessment, and using forensic/security analysis tools..
• Excellent communication and stakeholder engagement skills, able to translate technical content for non-technical audiences.
• Exposure to quality improvement methodologies (e.g., Lean, Six Sigma) is a plus.
• Recognized as a thought leader through publications, patents, or industry involvement.
• Willingness to travel for customer engagements, conferences, and global collaboration.

**For candidates applying to a Canadian-based position, the pay range for this position is between $162,000 and $244,000 CAD. The specific pay offered may be influenced by a variety of factors, including the candidate’s experience, education, and skill set.

Bonus eligibility: Annual variable incentive bonus.

This posting is for a new role.

**For US Candidates the pay range for this position is $152,400 - $254,000.00 USD Annual. The specific pay offered may be influenced by a variety of factors, including the candidate’s experience, education, and skill set.

Additional Information

- This is a remote positionApplication Deadline: March 02, 2026

Originally posted on Himalayas