Cyber Security Leader

• Company GE
• No. of Openings 10+
• Salary Not Disclosed
• Work Type on-site

Job Description :

Job Description Summary

As a Cyber security leader, You will provide Leadership on Cyber security by working both with the product teams and the Global teams and help to draw out the strategy for Ultrasound Handheld products with the vision of building and sustaining product competencies and customer orientation to provide timely patient care. You will also be a part of extended team of the Global Cyber security team to constantly update to the latest technologies and processes.GE Healthcare is a leading global medical technology and digital solutions innovator. Our mission is to improve lives in the moments that matter. Unlock your ambition, turn ideas into world-changing realities, and join an organization where every voice makes a difference, and every difference builds a healthier world.

Job Description

Responsibilities

You will be responsible to:
 

• Conduct security and privacy assessments which includes Vulnerability Assessment and Penetration Testing ( VAPT ) to determine compliance and security posture
• Assess the security for software/Product architecture – guide the product architects to ensure security is built into at the design level itself
• Assist business units in the development and implementation of product security and Privacy practices including policies, standards, guidelines, and procedures.
• Verify that security and privacy requirements defined in the security plans, policies, and procedures are followed and protection measures are functioning as intended.
• Guide the business unit in their management of the resolution of security audit or review findings.
• Provide security risk management and security advice as well as advice on strategic direction relating to product and information security.
• Assist with security incidents and review risk and impact of breaches to protected systems.
• Review proposed services, engineering changes, and feature requests for security implications and needed security controls.
   

Qualifications/Requirements
 

• Bachelor’s degree in engineering
• 10+ years of Industry experience with 5+ years of experience in development and security experience which includes application security, mobile security, network security, OS security, Cloud Security, IoT Security
• Product/Information security experience in all phases of service/product development and deployment including architecture, design, development, testing and deployment.
• Experience in designing security solutions.
• Hands-on experience in execution and review of Static Code Analysis reports and ability to discuss with development teams for true positives.
• Experience and knowledge of penetration testing methodologies, tools and automation of test scenarios.
• Conducting information security analyses, audits, and reviews
   

Desired:
 

• Experience of Information security assessment in healthcare sector/ IoT / Embedded Security
• Experience with NIST 800-53, CIS/STIG benchmark audit
• Ideal candidate would have worked on the software development initially and then graduated in to either -S/W Lead/security assessments ensuring security in the product design
   

Preferred Skills:
 

• Knowledge of secure software development lifecycle and practices such as threat modelling, security reviews, penetration tests, and security incident response
• Understanding of security by design principles and architecture level security concepts
• Exposure to privacy requirements
• Knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities
• Knowledge of Security engineering, information system architecture and security controls (e.g., firewall and border router configurations, wireless architectures, specialized appliances)
• Implementation of Cryptography, various Encryption Algorithms, Public key Infrastructure (PKI) and Certificate Authority (CA), OAUTH authentication, 2FA
• Experience in Rest Api, Kubernetes and container security assessments.