Company: Baker Hughes
Skills: IT - Analysis & Management
Experience: 2 + Years
Education: Bachelors/3-5 yr Degree
Location: Houston, Texas, United States


Roles and Responsibilities
  • Lead technical aspects of digital security incident detection and response, focusing on unstructured incidents and high-risk events.
  • Specialize in network-centric analysis (NSM), host-centric analysis (live response, digital forensics), malware analysis, and/or log-centric analysis (SIEM)
  • Perform daily response operations with a schedule that may involve nontraditional working hours - act as escalation points for Information Security Incident Analysts
  • Write signatures, tune systems/tools, and develop scripts and correlation rules
  • Mentor and train Event and Incident Analysts as required.
  • The best candidates for the role work well with other people and have strong verbal and written communication skills, a sense of diplomacy, and decision making skills to handle the often fast-paced role of an incident handler


Required Qualifications
  • Bachelor's Degree in Computer Science
  • 2+ years' experience in a cyber-security operation center


Desired Characteristics
  • The best candidates for the role work well with other people and have strong verbal and written communication skills, a sense of diplomacy, and decision making skills to handle the often fast-paced role of an incident handler
  • Strong verbal and written communication skills
  • Detailed understanding of APT, Cyber Crime and other associated tactics
  • Strong track record of understanding and interest in recognized IT and OT security-related standards and technologies, demonstrated through training, job experience and/or industry
  • Knowledge of and/or working on Baker Hughes OT products
  • Professional experience with Cyber Security, Operations Security, Product Security, Industrial Control Systems (ICS), Information Assurance, and Information Technology
  • Experience with host based detection and prevention suites (McAfee EPO, OSSEC, Yara, MIR, CarbonBlack, Tanium, etc.)
  • Experience with host-centric tools for forensic collection and analysis (SleuthKit, Volatility Framework, FTK, Encase, etc.)
  • Experience with Network Forensics and/or Network Security Monitoring (NSM) tools (Snort, Bro-IDS, PCAP, tcpdump, etc.) and analysis techniques (alert, flow/session and PCAP analysis)
  • Experience with malware and reverse engineering (Dynamic and static analysis)
  • Strong IT infrastructure background including familiarity with the following:
  • Networking (TCP/IP, UDP, Routing)
  • Applications (HTTP, SMTP, DNS, FTP, SSH, etc.)
  • Encryption (DES, AES, RSA) and hashing algorithms (MD5, SHA-1, etc.)
  • System/Application vulnerabilities and exploitation
  • Operating systems (Windows, *Nix, and Mac)
  • Cloud technology (SaaS, IaaS, PaaS) and associated digital forensics and incident response techniques
  • CISSP, CISM or related SANs certifications preferred
  • Active US government security clearance
  • Working knowledge of secure communication methods, including Secure Shell, S/MIME and PGP/GPG


Baker Hughes Company is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.