About Us: GE is the world's Digital Industrial Company, transforming industry with software-defined machines and solutions that are connected, responsive and predictive. Through our people, leadership development, services, technology and scale, GE delivers better outcomes for global customers by speaking the language of industry. GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.
Role Summary: The IT Security Leader (Predix) will own project management, design, delivery, and drive implementation of security and compliance controls for securing BHGE Oil & Gas’ Predix initiatives. Specifically, this role will involve the development and implementation of a comprehensive roadmap of the security and compliance controls for enterprise software solutions essential to external customers on Predix.
In the role of IT Security Leader (Predix), you will:
Lead delivery and implementation of key security & compliance controls for securing BHGE’s Predix initiatives
Work in partnership with the Predix development squads to ensure that cyber security is embedded in the software development process
Drive the long-term strategic vision and roadmap for cyber and product security
Provide end to end program and project management for delivering security & compliance controls for Predix applications
On-site representative for BHGE’s Cyber Security, Risk, and Compliance team. Establishing an effective working relationship with the CSRC team to implement best practices within the Predix Oil & Gas applications
Partner with BHGE Security Architecture and GE Digital team to architect technology solutions that automate security & compliance controls for PaaS and IaaS environments (Cloud & Edge)
Partner with BHGE Security Operations and GE Digital on monitoring and Incident Management
Partnering with BHGE Product Security to implement NIST 800-53 and other relevant frameworks.
Promote and champion DevSecOps culture
Implement or lead implementation of security solutions addressing Industrial Internet of things (IIOT) requirements
Responding to customer-facing departments about Predix security posture
Bachelor Degree in Computer Science and/or Software Engineering or related discipline.
Legal authorization to work in the U.S. is required. We will not sponsor individuals for employment visas, now or in the future, for this job.
10+ years of experience in project management and project delivery encompassing software development languages and frameworks preferably Go, Python, Polymer, AngularJS, NodeJS, Scala, Java
2+ of project management experience in developing RESTful micro-service based applications; PMP certified (preferred)
5+ years of hands-on experience with Agile (Scrum or XP) and test & behavior driven development, continuous integration and version control (GitHub); Certified Agile scrum master preferred
Understanding of requirements management and user story development (Rally or similar tool)
Working knowledge of security services including PKI, TLS, authentication services, fine grained access control, and network security services
Knowledge of Identity management and identity federation (SAML, Oauth, SCIM, XACML)
Proven experience in a product development environment; Strong knowledge of relevant security frameworks.
Must be available for on call for potential security response
Knowledge of application risk identification and evaluation techniques
Evaluate different products in security space and recommend and implement most optimal solutions
Hands-on experience with analyzing threat reports, vulnerability reports and drive towards implementing them
Prior experience of project managing technical solutions for securing cloud environments (IaaS and PaaS)
Experience interacting & engaging directly with customers to support commercial & service engagements
Proven ability to deliver while under tight timelines
Demonstrated ability to proactively analyze and solve complex problems
Excellent communication skills including both verbal and written
Proven ability to persuade and influence outcomes
Experience with secure architectures, identity and access management principles, application security, encryption technologies, DNS, SOA, database and web applications
Certified Predix developer or architect
Experience with ethical hacking, intrusion detection / prevention technologies, secure coding practices and threat modeling
CISSP or CISM certified
Certified Ethical Hacker (CEH)
Familiarity with cyber security frameworks such as ISO 27002, NIST 800-53
We are in the process of transitioning to an improved job application system and in the interim we are operating with two systems. Have your Job ID ready (from the email you received when you applied) to log in and check your application status.
Click the appropriate button. If you don't know your job ID, you can still check your status: use both buttons.