General Electric Product Security Architect in Beijing, China
Job Description Summary
This job is focusing to provide product design for Edison Cloud platform and Edison Ecosystem Apps. Build up entire cyber security technology roadmap.
Work closely with our commercial team to develop secure application for CT/MR/UltraSound products.
GE Healthcare is a leading global medical technology and digital solutions innovator. Our mission is to improve lives in the moments that matter. Unlock your ambition, turn ideas into world-changing realities, and join an organization where every voice makes a difference, and every difference builds a healthier world.
Be responsible for the on premise and cloud application architecture design and Edition platform architecture design and provide secure design for the cloud hosting systems.
Provide technical input for the security review framework setup in terms of 3rd party vendor software products onboarding Edison Platform. Act as a technology gate keeper for security review during the onboarding process.
Review and proactively propose remediations for security gaps and vulnerabilities and work with product and engineering team to ensure proper implementations.
Work with Corp security team and Cloud operation team to drive software security technology roadmap landing in China
Perform security risk analysis for our products and portfolio.
Provide security guidelines for the organization to protect critical assets and data.
Be responsible for the evaluation of new technologies, tools, and/or development techniques that impact security
Review, analyze, and evaluate both GE digital developed software and external 3rd vendor products and procedures to address security requirements.
Qualification / Requirements
Prior development experience (5 years minimum).
8+ years proven work experience as an application security professional working with/within development teams.
In-depth understanding of background technical details of common application vulnerabilities, attack vectors and exploits, and techniques to remediate those vulnerabilities.
Experience with performing product security reviews and analysis (Risk Analysis and Threat Modeling).
Detailed technical knowledge of techniques, standards and state-of-the art capabilities for authentication and authorization, applied cryptography, data and communication protection, etc. (such as OAuth2, OpenConnect, WS-Security, SAML ).
Exposure to and knowledge of complete Public Cloud Software environments.
Solid knowledge of Web-related technologies.
BS in Computer Science or similar technical field.
Product security certfications, CSA, CSSLP and etc.
Proven problem solving skills on distributed environments: reverse engineering, think statistically and improvising fully
Strong verbal and written English communication skills are required due to dynamic nature of team discussions
Be proactive and self-directed work style with minimum supervision
Project management experience is a big plus
Inclusion and Diversity
GE Healthcare is an Equal Opportunity Employer where inclusion matters. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.
We expect all employees to live and breathe our behaviors: to act with humility and build trust; lead with transparency; deliver with focus, and drive ownership – always with unyielding integrity.
Our total rewards are designed to unlock your ambition by giving you the boost and flexibility you need to turn your ideas into world-changing realities. Our salary and benefits are everything you’d expect from an organization with global strength and scale, and you’ll be surrounded by career opportunities in a culture that fosters care, collaboration and support.