General Electric Sr Staff Security Architect in Bengaluru, India

Role Summary:

GEHC is looking for Security Architect who leads definition and implementation of security and privacy solutions while working closely with a larger architecture group to drive product roadmap and industry best practices. This is a highly influential technical leadership role cutting across multiple programs to create and drive the security strategy of our business. As a key member of technical staff, you will interact with all functions to drive a new vision of security and privacy solutions.

Essential Responsibilities:

  1. Collaborate with program teams to ensure design inputs for product security and privacy controls are thought through and implemented.

  2. Work closely with Principal Engineers to define product security strategy and drive it into programs.

  3. Work with the program teams to determine solutions to meet the needed controls.

  4. Work with the program teams to analyze vulnerability assessment reports from static and dynamic security assessment tools for further remediation. Assess residual risk.

  5. Define common security and privacy solutions and drive reusable software components into products and systems.

  6. Analyze vulnerability assessment results from both static and dynamic assessment tools and assessing residual risk.

  7. Lead design/development/verification of security features and drives submission/certification to internal/external certification (E.g. DoD) as appropriate for medical device/s.

  8. Establish and maintain governance processes to assure ongoing compliance to design engineering Privacy/Security requirements.

  9. Supporting Privacy/Security incident response activities pertinent to design engineering, through investigations, corrections, corrective actions, and preventive actions.

  10. Participate in all Privacy & Security related Technical Design Reviews as needed for design engineering activities.

  11. Collaborate with Sales and Marketing teams to identify and address customer privacy/security requirements that impact product sales and support.

  12. Lead the security subsystems technical teams through the entire design cycle including requirements generation, design and implementation, verification & validation as the key technical mentor.

  13. Collaborate with peers in other GEHC modalities to share best practices and drive re-use

Qualifications/Requirements:

  1. Bachelor's/Master’s Degree in Computer Science/Electronics and Communication/ Information Technology Engineering or any other related computer field.

  2. Minimum of 5 years full-time information security experience – emphasis on technical solutions and assessment techniques: vulnerability assessment, penetration testing, static analysis, dynamic analysis, and fuzz testing

  3. Understanding of network protocols, especially the TPC/UDP IP stack, including TLS and DTLS.

  4. Understanding of enterprise-wide authentication and authorization protocols (eg. LDAP, OAuth, XACML).

  5. Understanding of identity management solutions using Public Key Infrastructure (eg. X.509 certificates, Certificate Authorities)

  6. Understanding of device-level security solution (eg. TPM, Secure Boot)

  7. Experience with Secure Development Lifecycle (SDL) and Threat Modelling.

  8. Experience designing privacy & security solutions, including hardware hardening, system hardening, network hardening, and IT Systems Integration.

  9. Understanding of how computer hardware and operating systems work, so that potential impacts of vulnerabilities can be determined.

  10. Strong working knowledge of security and privacy standards such as NIST 800 and the ISO 27000 series

  11. Strong Systems Engineering and OS knowledge (Unix/Linux)

  12. Strong software development and design background with a good knowledge of Java/C+11. Exposure to provide solutions on cloud and mobile technologies

  13. Experience with data spill investigation & solving techniques and Exposure to Intrusion Detection / Intrusion Protection programs

  14. Acquaintance with Industry-recognized security certification such as CISSP, CISM or CISA

  15. Good working knowledge of developing distributed solutions using following technologies

• Service Oriented Architecture, MicroSerivces

• Frameworks and API paradigm such as Spring, REST, OSGi

• Relational and NoSQL databases.

Desired Characteristics:

  1. Excellent conceptual, problem-solving and oral/written communication skills.

  2. High passion and energy and the ability to influence and energize others.

  3. Demonstrated ability to work on projects concurrently and work with teams globally.

  4. Demonstrated experience on product releases throughout the entire NPI cycle in engineering product development processes on cross-functional programs with a focus on related engineering discipline.

  5. Hands-on technical role; self-motivator and a very good team player with good inter-personal skills

  6. Strategic thinker and change agent

  7. Positive attitude to explore, drive and passionate in excelling on the technology goals

  8. Demonstrated ability to deliver high quality results in a timely fashion while working on multiple projects concurrently.

  9. Healthcare Domain Experience is a plus

  10. Collaborating with external/internal teams/stakeholders identifying the synergies to benefit mutually. Leveraging technical and clinical depth to work on business initiatives aimed at innovation and quality excellence.

  11. Nice to have experience with Distributed Data Service (DDS) or any equivalent IOT Framework

About Us:

Join a dynamic team that’s using Agile to develop the next generation of mobile patient monitors & cloud-based networks. You will be working on a state of the art platform that provides clinical intelligence at the point of need for caregivers. We’re developing a first of its kind hospital wide solution. Be part of a team that’s redefining the patient monitoring portfolio using latest cloud technologies. Join the Digital Industrial transformation at GE Healthcare.

GE is the world's Digital Industrial Company, transforming industry with software-defined machines and solutions that are connected, responsive and predictive. Through our people, leadership development, services, technology and scale, GE delivers better outcomes for global customers by speaking the language of industry.

GE is an equal opportunity employer and supports Diversity.

Locations: India; Bengaluru