GE Vernova
Senior Application Development Cyber Security Engineer
Full details on LinkedIn
The complete job description, requirements, and application details are available on the original posting.
About GE Vernova
GE Vernova is an independent energy company based in Cambridge, Massachusetts, that began trading on the New York Stock Exchange in April 2024 after spinning off from General Electric. With over 80,000 employees in more than 100 countries, the company is dedicated to accelerating the global energy transition through electrification and decarbonization. The company operates in three main segments: Power, which includes Gas, Steam, Hydro, and Nuclear divisions; Wind, focusing on renewable wind energy solutions; and Electrification, which encompasses Grid Solutions, Power Conversion, Solar & Storage Solutions, and Electrification Software. GE Vernova's mission emphasizes sustainability, innovation, and operational efficiency, aiming to provide reliable and affordable energy to utilities, developers, governments, and large industrial users worldwide. A key aspect of GE Vernova is its nuclear energy business, GE Vernova Hitachi Nuclear Energy (GVH), which combines expertise in reactor design with advanced modular construction capabilities. GVH offers advanced reactors and nuclear services globally, contributing to the company's commitment to leading the energy transition through a diverse portfolio of technologies and solutions.
Security at GE Vernova
Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.
Security Philosophy
“Stated AppSec Mission: Our Chief Information Security Officer (CISO) is responsible for developing an information security program. Developer Enablement vs. Gatekeeping: Cyber is being 'Built-In, not Bolted-On' to new Electrification Software products. Risk Philosophy: We have adopted the National Institute of Standards and Technology (NIST) Cybersecurity Framework. and defense-in-depth of the infrastructure, platform, software, and communication layers. Stated Pain Points or Goals (Verbatim): Information not publicly available.”
Security Team
Org Structure & Reporting Line: The Chief Information Security Officer (CISO) is responsible for developing an information security program. Business Information Security Officers (BISOs) help develop and execute strategy. Key Public-Facing Leaders: Matt Yourek, Director of Product Cyber Security & Compliance. Team Size Estimate (as_of:): Information not publicly available. Active AppSec Job Postings (as_of:): Information not publicly available.
Key Initiatives
Security Champions Program: Status: No Evidence Found. 'No public, explicit statement titled 'Security Champions Program' or a named developer-embedded AppSec model document discovered.' Shift Left in Practice: Cyber is being 'Built-In, not Bolted-On' to new Electrification Software products. Vulnerability Management Process: Intake: GE Vernova assigns appropriate security activities (e.g., SAST, DAST, penetration testing). and requires notification at GEV.PSIRT@gevernova.com within 24 hours. Triage/Remediation: Vulnerabilities are remediated and retested within 30 days of identification. Secure SDLC Artifacts: GE Vernova has a lifecycle for the secure design, development, and maintenance of products. They utilize a Cybersecurity Bill of Materials (CBoM). and issue Technical Information Letter (TIL) alerts to customers for risks and actions. Security activities include penetration testing. , Static Code Analysis Testing. , Secrets Detection. , and Open-Source Vulnerability Detection. Recent Initiatives (Last 6 Months): Information not publicly available.
Preparing for an AppSec interview?
Get the weekly briefing 2,000+ security pros trust.