Business Segment: Digital Predix Products & Technology
Location(s): United States; California; San Ramon
About Us: GE is the world's Digital Industrial Company, transforming industry with software-defined machines and solutions that are connected, responsive and predictive. Through our people, leadership development, services, technology and scale, GE delivers better outcomes for global customers by speaking the language of industry. GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.
Role Summary: We are looking for smart, security minded, enthusiastic and friendly cyber security analyst who can work collaboratively with other teams over design and development of different customer facing features on the Predix Mobile Applications. You will be a senior level mobile software security expert who will provide thought leadership in building industrial class security solutions for Mobile applications.
Essential Responsibilities: In this role, you will:
Be responsible for providing technical leadership and defining, developing, and evolving security within software in a fast paced and agile development environment using the latest secure software development technologies and infrastructure.
Work with Cyber Security Leaders and SMEs to understand product requirements & vision
Translate security requirements / vision into prioritized list of user stories and deliver to required timelines and quality standards
Perform Threat Modeling and Architecture Risk Analysis on mobile applications.
Perform Security Code Reviews, Vulnerability Analysis and research on application code.
Coach and mentor developers to write and implement cryptography (PKI, Code Signing, Stored Secrets etc)
Work cross functionally to scope schedule and then analyze results from Red Team exercises on software products.
Guide developers to write secure code and implement secure engineering practices.
Provide response for security related incidents reported for software products.
Engage subject matter experts in successful transfer of complex domain knowledge
Apply principles of Secure SDLC and methodologies like Lean/Agile/XP, CI, Software and Product Security, Scalability, Documentation Practices, refactoring and Testing Techniques
Provide guidance and advise on writing secure code that meets standards and delivers desired functionality using the technology selected for the project.
Understand application security methodologies and frameworks.
Leverage tailored Secure SDL practice into specific engineering
Develop security requirements and utilize best practices to meet them
Research new application security technologies and implement them to improve application security.
Working with other scrum teams for security-focused design
Identifying and ensuring resolution of possible technical implications of each release
Maintaining a backlog of security-related tools that will improve the maintainability and security of our code and the pace of development
Working knowledge of following mobile technologies, VPNs, MDM, MAM (Mobile App Management), IAM(Identity and Access Management), MAS ( Mobile Application Store), MAG( Mobile Application Gateway, DLP, IDS, GSS ( Gateway and Security Stack).
Should be able to architect and design following Mobile Security Goals, Web-Based Threat Mitigation, Network-Based Threat Mitigations.
We are in the process of transitioning to an improved job application system and in the interim we are operating with two systems. Have your Job ID ready (from the email you received when you applied) to log in and check your application status.
Click the appropriate button. If you don't know your job ID, you can still check your status: use both buttons.