General Electric Sr Staff Product Security Leader in Bengaluru, India
Job Description Summary
In this role you will be responsible for hunting, detecting and responding to digital security threats. You will demonstrates technical leadership abilities and strong comprehension of malware, emerging threats and calculating risk.
GE Healthcare is a leading global medical technology and digital solutions innovator. Our mission is to improve lives in the moments that matter. Unlock your ambition, turn ideas into world-changing realities, and join an organization where every voice makes a difference, and every difference builds a healthier world.
Roles and Responsibilities
You are a highly skilled security Engineer who enjoys security work and collaborating with product managers and developers to drive the successful adoption of innovative methods in developing secure applications.
In this role, you will:
• Drive tailored SDL practice into specific engineering
• Create and track meaningful metrics around product cyber risk and compensating controls
• Consult, architect on security requirements and utilize best practices to meet them
• Engage in application and domain-specific threat modeling and attack surface analysis/reduction
• Working with all scrum teams for security-focused design
• Identifying and ensuring resolution of possible technical implications of each release
• Maintaining a backlog of security-related tools that will improve the maintainability and security of our code and the pace of development
• Help prepare reports at appropriate levels of confidentiality for stakeholders to view
• Responding promptly and in detail to customer-sponsored penetration tests
• Promotes standards through workshops, knowledge shares, and code walk-throughs
• Promotes best practices and design patterns
• Provides guidance on automated testing tools and techniques
Bachelor's Degree in Computer Science or “STEM” Majors (Science, Technology, Engineering and Math) with significant experience.
Desired Characteristics Technical Expertise:
• Experience with cyber security framework (NIST 800-53, ISO 27001, IEC 62443, etc.) implementation and governance
• Program and Project Management experience; expertise with Agile development teams
• Knowledge of CI/CD and automation tools (Chef, Git, Jenkins)
• Knowledge of Identity management and identity federation (SAML, Oauth, SCIM, XACML)
• Experienced in developing web services (SOAP/REST)
• Must be available for on call for potential security response
• Knowledge of application risk identification and evaluation techniques
• Knowledge of Cyber Security and full knowledge of multiple related engineering functions
• Experience securing applications within cloud platforms such as AWS, Azure and alike.
• Experience with broad set of information security technologies and processes within a SaaS, IaaS, PaaS, or cloud environment
Inclusion and Diversity
GE Healthcare is an Equal Opportunity Employer where inclusion matters. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.
Our total rewards are designed to unlock your ambition by giving you the boost and flexibility you need to turn your ideas into world-changing realities. Our salary and benefits are everything you’d expect from an organization with global strength and scale, and you’ll be surrounded by career opportunities in a culture that fosters care, collaboration and support.
Relocation Assistance Provided: No