General Electric Senior Staff Cyber Security Architect in Bengaluru, India
Job Description Summary
As an experienced Security Architect with Monitoring Solutions, you will lead definition and implementation of security and privacy standards across all lines of monitoring products while working closely with a larger architecture group to drive product security roadmap and industry best practices. This is a highly influential technical leadership role cutting across multiple programs to create and drive the security strategy of our business. As a key member of technical staff, you will interact with all functions to drive a new vision of security and privacy solutions.
GE Healthcare is a leading global medical technology and digital solutions innovator. Our mission is to improve lives in the moments that matter. Unlock your ambition, turn ideas into world-changing realities, and join an organization where every voice makes a difference, and every difference builds a healthier world.
Roles and Responsibilities
As Senior Staff Cyber Security Architect , you will :
Collaborate with program teams to ensure design inputs for product security and privacy controls are thought through and implemented. Also, determine solutions to meet the needed controls.
Work closely with Principal Engineers to define product security strategy and drive it into programs.
Work with the program teams to analyze vulnerability assessment reports from static and dynamic security assessment tools for further remediation. Assess residual risk and define common security and privacy solutions and drive reusable software components into products and systems.
Lead design/development/verification of security features and drives submission/certification to internal/external certification bodies (E.g. FDA, US DoD) as appropriate for medical devices.
Create needed artifacts to support compliance for product security - FDA 510k submissions is good to have
Establish and maintain governance processes ,support Privacy/Security incident response activities pertinent to design engineering, through investigations, corrections, corrective actions, and preventive actions.
Participate in all Privacy & Security related Technical Design Reviews as needed for design engineering activities. Collaborate with Sales and Marketing teams to identify and address customer privacy/security requirements that impact product sales and support.
Lead the security subsystems technical teams through the entire design cycle including requirements generation, design and implementation, verification & validation as the key technical mentor.
Bachelor's/Master’s Degree in Computer Science/Electronics and Communication/ Information Technology Engineering or any other related computer field.
Minimum 15 years of overall experience with at least 5 years of experience in information product security
Technical Expertise :
Understanding of enterprise-wide authentication and authorization protocols (eg. LDAP, OAuth, XACML).
Understanding of identity management solutions using Public Key Infrastructure (eg. X.509 certificates, Certificate Authorities)
Understanding of device-level security solution (eg. TPM, Secure Boot) and experience with Secure Development Lifecycle (SDL) and Threat Modelling.
Understanding of network protocols, especially the TPC/UDP IP stack, including TLS and DTLS and experience designing privacy & security solutions, including hardware hardening, system hardening, network hardening, and IT Systems Integration.
Vulnerability assessment, penetration testing, static analysis, dynamic analysis, and fuzz testing.
Understanding of how computer hardware and operating systems work, so that potential impacts of vulnerabilities can be determined with strong working knowledge of security and privacy standards such as NIST 800 and the ISO 27000 series
Strong Systems Engineering and OS knowledge (Unix/Linux), with good command on Shell scripting, software development and design background with a good knowledge of Java/C++.
Exposure to provide solutions on cloud and mobile technologies, data spill investigation & solving techniques and exposure to Intrusion Detection / Intrusion Protection programs
Acquaintance with Industry-recognized security certification such as CISSP, CISM or CISA
Good working knowledge of developing distributed solutions using following technologies,
Service Oriented Architecture, Microservices Frameworks and API paradigm such as Spring, REST, Relational and NoSQL databases.
Experience with Distributed Data Service (DDS) or any equivalent IOT Framework is important for this role
Excellent conceptual, problem-solving skills with able to demonstrate and deliver high quality results in a timely fashion while working on multiple projects concurrently.
Hands-on technical role; self-motivator and a very good team player, strategic thinker and change agent
Positive attitude to explore, drive and passionate in excelling on the technology goals and excellent Collaboration with external/internal teams/stakeholders to identify the synergies to benefit mutually.
Leveraging technical and clinical depth to work on business initiatives aimed at innovation and quality excellence.
Healthcare Domain Experience is a plus
Inclusion and Diversity
GE Healthcare is an Equal Opportunity Employer where inclusion matters. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.
We expect all employees to live and breathe our behaviors: to act with humility and build trust; lead with transparency; deliver with focus, and drive ownership – always with unyielding integrity.
Our total rewards are designed to unlock your ambition by giving you the boost and flexibility you need to turn your ideas into world-changing realities. Our salary and benefits are everything you’d expect from an organization with global strength and scale, and you’ll be surrounded by career opportunities in a culture that fosters care, collaboration and support.
Relocation Assistance Provided: Yes