Job Description Summary

Job Description

Roles and Responsibilities:

In this role you will:

Strategy & Architecture

• Define the multitenant Microsoft 365 security roadmap and standards including Defender Intune/Microsoft Endpoint Manager SCCM Purview and Identity/Conditional Access.
• Lead Zero Trust alignment for identity device and data including device posture assessment CA policies riskbased access and leastprivilege models.
• Design endpoint security reference architectures and patterns for EDR/XDR modernization (Defender for Endpoint/XDR) telemetry and response integration.
• Establish security architecture guardrails and reusable patterns for SaaS Private Cloud and OnPrem environments; advise on SSPM (SaaS Security Posture Management) practices.

Program Leadership & Delivery

• Build and run the program operating model (KPI/KRI roadmaps intake/backlog governance) ensuring ontime delivery across multiple tenants and business units.
• Lead complex crossfunctional initiatives with clear scope milestones funding/budget alignment and dependency management.
• Drive risk remediation campaigns at scale with Endpoint Identity Data Protection and Cloud Platform teams; ensure policy adoption and operational handoffs.

Technical SME Guidance & Engineering Oversight

• Provide handson technical leadership for highimpact efforts (POCs control design tuning pilot deployments); coach engineering teams on best practices.
• Define policy and configuration guidance for Intune SCCM and Defender; oversee change management and production rollout standards.
• Guide automation/orchestration using PowerShell Intune scripting Defender workflows and Sentinel (KQL analytics playbooks) to improve signal quality and response.

Threat & Response Integration

• Build processes and logical interfaces with Cyber Threat & Response teams to strengthen detection/prevention across endpoints identity and data controls.
• Support cyber investigations and enterprise initiatives by ensuring telemetry completeness control efficacy and rapid containment pathways.

Metrics Reporting & Governance

• Define riskbased metrics (e.g. device posture compliance CA policy coverage EDR/XDR signal quality and executive reporting.
• Benchmark GE Aerospace capabilities against internal and industry standards; drive continuous improvement via NIST CSF NIST SP 800-171 CIS Controls and internal policies.
• Partner with Aerospace CIO teams to align operating models integrate with ServiceNow/workflows and sustain operational stability across lifecycle phases.

Minimum Qualifications:

• Bachelors degree from an accredited university or college with 5 years of professional experience; OR associates degree with 8 years; OR High School Diploma with 10 years.
• 5 years in Program Management or IT.
• 3 years in Cyber Architecture endpoint management and/or incident response.
• Note: Military experience is equivalent to professional experience.

Desired Qualifications:

Required Technical Experience

• Deep experience with Microsoft 365 security in multitenant environments: Defender for Endpoint/XDR Microsoft Endpoint Manager/Intune SCCM Azure AD/Entra ID Conditional Access..
• Handson leadership in device posture assessment EDR/XDR tuning policy baselining and telemetry integration for Threat/Response operations.
• Strong grasp of Zero Trust principles across identity device network and data; ability to translate them into practical enterprise controls and operating standards.
• Automation/orchestration proficiency (e.g. PowerShell Intune scripting Defender workflows; familiarity with Microsoft Sentinel analytics/playbooks/KQL).
• Experience leading risk remediation at scale with measurable improvements in control coverage detection quality and response efficiency.

Preferred Qualifications

• Architecture/governance experience across SaaS Private Cloud and OnPrem; familiarity with SSPM (SaaS Security Posture Management) concepts.
• Knowledge of security frameworks and controls (e.g. NIST CSF NIST SP 800171 CIS Controls ISO/IEC 27001) and regulated environments (e.g. aerospace/defense ITAR).
• Prior experience in large federated enterprises and complex tenant programs.
• Exposure to SIEM/SOAR (e.g. Microsoft Sentinel/Spunk) and enterprise workflow platforms (e.g. ServiceNow).

Leadership & Personal Attributes

• Operates effectively in a large matrixed organization; builds consensus and influences senior stakeholders.
• Strong communicatorable to translate complex technical concepts into clear outcomefocused narratives for executives and engineers alike.
• Resourceful and resilient; anticipates obstacles identifies pragmatic workarounds and rallies crossfunctional teams.
• Analytical and disciplined problem solver; applies critical thinking to drive highvalue decisions with data.
• Energetic selfmotivated and comfortable working with minimal supervision while maintaining high accountability for outcomes.

Note:

The base pay range for this position is $131000 to $189000 annually. The specific pay offered may be influenced by a variety of factors including the candidates experience education and skill set. This position is also eligible for an annual discretionary bonus based on a percentage of your base salary/ commission based on the posting is expected to close on April 20th 2026.

GE Aerospace offers comprehensive benefits and programs to support your health and along with programs like HealthAhead your physical emotional financial and social wellbeing. Healthcare benefits include medical dental vision and prescription drug coverage; access to a Health Coach from GE Aerospace; and the Employee Assistance Program which provides 24/7 confidential assessment counseling and referral services. Retirement benefits include the GE Aerospace Retirement Savings Plan a 401(k) savings plan with company matching contributions and company retirement contributions as well as access to Fidelity resources and planning consultants. Other benefits include tuition assistance adoption assistance paid parental leave disability insurance life insurance and paid time-off for vacation or illness.

GE Aerospace (General Electric Company or the Company) and its affiliates each sponsor certain employee benefit plans or programs (i.e. is a Sponsor). Each Sponsor reserves the right to terminate amend suspend replace or modify its benefit plans and programs at any time and for any reason in its sole discretion. No individual has a vested right to any benefit under a Sponsors welfare benefit plan or program. This document does not create a contract of employment with any individual.

To comply with US immigration and other legal requirements it is necessary to specify the minimum number of years experience required for any role based within the USA. For roles outside of the USA to ensure compliance with applicable legislation the JDs should focus on the substantive level of experience required for the role and a minimum number of years should NOT be used.

This Job Description is intended to provide a high-level guide to the role. However it is not intended to amend or otherwise restrict/expand the duties required from each individual employee as set out in their respective employment contract and/or as otherwise agreed between an employee and their manager.

This role requires access to U.S. export-controlled information. Therefore employment will be contingent upon the ability to prove that you meet the status of a U.S. Person as one of the following: U.S. lawful permanent resident U.S. Citizen have been granted asylee or refugee status (i.e. a protected individual under the Immigration and Naturalization Act 8 U.S.C. 1324b(a)(3)).

Additional Information