Back to All Jobs
Bengaluru, Karn\u0101taka, India
5 days ago
Senior Staff Product Security Analyst
Job Description SummaryThe GE Healthcare CyberLab is looking for a Product Security Representative to be part of our exciting journey for review and analysis of our medical devices, cloud solutions and digital offerings. You need to drive security activities, check and follow vulnerabilities, ensure security control at new feature design, increase security awareness and help to identify and reduce possible product security gaps. Responsible for hunting, detecting and responding to digital security threats. Demonstrates technical leadership abilities and strong comprehension of malware, emerging threats and calculating risk.

GE Healthcare is a leading global medical technology and digital solutions innovator. Our mission is to improve lives in the moments that matter. Unlock your ambition, turn ideas into world-changing realities, and join an organization where every voice makes a difference, and every difference builds a healthier world.

Job Description

Roles and Responsibilities:

You are a highly skilled security Engineer who enjoys security work and collaborating with product managers and developers to drive the successful adoption of innovative methods in developing secure applications.
In this role, you will:

Ensuring and driving product related security activitiesIncrease product security awareness within the development teamAnalyzing, tracking and following product related threat, vulnerabilities, security gaps and desired solutionMaintain cyber security processes, monitoring systems/toolsSupport the development teams by security analyses and threat modellingInteract with worldwide engineering and product teams (US, Hungary, India) Qualifications/Requirements:Experience analyzing/detecting and remediating cybersecurity issuesExperience in security/network/system administration/development or equivalent knowledgeIn-depth knowledge of various operating systems (Linux, Windows)Practical hand-on experience in a complex system developmentProduct security knowledge and mindset (STIG, vulnerabilities, CVE tracking, security gap analysis)Has the ability to analyze and evaluate impact of changes, defects and different technology choicesGood English skills Desired Characteristics:Demonstrates clarity of thinking to work through limited information and vague problem definitionsInfluences through others; builds direct and \"behind the scenes\" support for changesProactively identifies, facilitates and drives project obstacles or barriers on behalf of the teamDrive tailored SDL practice into specific engineeringCreate and track meaningful metrics around product cyber risk and compensating controlsConsult, architect on security requirements and utilize best practices to meet themEngage in application and domain-specific threat modeling and attack surface analysis/reductionWorking with all scrum teams for security-focused designdentifying and ensuring resolution of possible technical implications of each releaseMaintaining a backlog of security-related tools that will improve the maintainability and security of our code and the pace of developmentHelp prepare reports at appropriate levels of confidentiality for stakeholders to viewResponding promptly and in detail to customer-sponsored penetration testsPromotes standards through workshops, knowledge shares, and code walk-throughsPromotes best practices and design patternsProvides guidance on automated testing tools and techniques

Education Qualification:

Bachelor' s Degree in Computer Science or “STEM” Majors (Science, Technology, Engineering and Math) with significant experience.

Technical Expertise:

Experience with cyber security framework (NIST 800-53, ISO 27001, IEC 62443, etc.) implementation and governanceProgram and Project Management experience; expertise with Agile development teamsKnowledge of CI/CD and automation tools (Chef, Git, Jenkins)Knowledge of Identity management and identity federation (SAML, Oauth, SCIM, XACML)Experienced in developing web services (SOAP/REST)Must be available for on call for potential security responseKnowledge of application risk identification and evaluation techniquesKnowledge of Cyber Security and full knowledge of multiple related engineering functionsExperience securing applications within cloud platforms such as AWS, Azure and alike.Experience with broad set of information security technologies and processes within a SaaS, IaaS, PaaS, or cloud environment

Inclusion and Diversity

GE Healthcare is an Equal Opportunity Employer where inclusion matters. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.

We expect all employees to live and breathe our behaviors: to act with humility and build trust; lead with transparency; deliver with focus, and drive ownership – always with unyielding integrity.

Our total rewards are designed to unlock your ambition by giving you the boost and flexibility you need to turn your ideas into world-changing realities. Our salary and benefits are everything you’d expect from an organization with global strength and scale, and you’ll be surrounded by career opportunities in a culture that fosters care, collaboration and support.

#Everyroleisvital

#LI-Hybrid

#LI-SM1

Additional Information

Relocation Assistance Provided: Yes

Show More
Save & Apply Later Applying Later... Click to ApplyI AppliedDidn't Apply
Confirm your E-mail: Send Email
Apply for this job
Next Job »
All Jobs from GE Healthcare
3 GE Healthcare jobs in IN
Next Job »
Search Jobs GE Healthcare Apply Later
Processing Unique Jobs for You: