GE Careers
Apply Now    

Staff Product Security Analyst

  • GE Digital
  • Experienced
  • Posted 11/29/2017 1:49:27 PM
  • 3029936
  • Job Function: Digital Technology
  • Business Segment: Digital Technology
Location(s): United States; Michigan, Ohio, Virginia; Glen Allen, Van Buren Twp, Cincinnati


About Us:
GE is the world's Digital Industrial Company, transforming industry with software-defined machines and solutions that are connected, responsive and predictive. Through our people, leadership development, services, technology and scale, GE delivers better outcomes for global customers by speaking the language of industry.

At GE Digital, we are creating technology and solutions to enable social, mobile, analytical and cloud capabilities
for the Industrial Internet. The Industrial Internet is an open, global network that connects people, data and
machines. It’s about making infrastructure more intelligent and advancing the industries critical to the world we
live in. At GE, we believe it’s about the future of industry—energy, healthcare, transportation, manufacturing. It’s
about making the world work better. GE is transforming itself to become the world's premier digital industrial
company, executing critical outcomes for our customers. Explore how you can drive greater asset reliability, lower
operating costs, reduce risk and accelerate operational performance with our Predix platform and software
solutions.
GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.

Role Summary:
We are looking for a Staff Product Security Analyst, with a focus on software development and operational technology (OT) solutions. In this role you will partner across GE to drive improved Software/Systems Development Lifecycle capabilities. You will also engage with manufacturing experts to design, build, and measure success of security controls in OT environments like factories and labs.

Essential Responsibilities:
You are a highly technical security professional who enjoys challenging problems and has a very strong background in systems security, application security, and operational technology. In this role, you will be building relationships and providing support to product security and manufacturing teams across all GE businesses.

  • Develop approaches to address the implementation of software and OT security solutions
  • Consult development teams on security requirements and utilize common components to meet them
  • Be able to scope and participate in hardware and software penetration tests, vulnerability identification and vulnerability risk assessment
  • Create and track meaningful metrics around product cyber risk and compensating controls
  • Create vulnerability and incident trend analysis to improve product design
  • Maintain cyber Bills of Material and conduct proactive vulnerability monitoring and assessment on cyber components
  • Engage and administer End Of Life processes for digital products
  • Engage in application and domain-specific threat modeling and attack surface analysis/reduction
  • Help prepare reports at appropriate levels of confidentiality for stakeholders to view
  • Provides guidance on automated testing tools and techniques
  • Maintain documentation of design patterns/recipes for common security requirements
  • Ensure that issues identified are appropriately prioritized and addressed in future product releases
  • Have a complete understanding of the various system inter-dependencies and limitations
  • Architect, design, implement, support, and evaluate security focused tools
  • Evaluate and recommend new and emerging security products and technologies

    Qualifications/Requirements:

    Basic Qualifications

  • BS degree or higher in Computer Engineering or in a STEM major (Science, Technology, Engineering, or Math)
  • Minimum of 5 years IT experience, preferably within Software Security or OT/Product Security
  • Minimum of 3 years IT experience with operating in a secure SDLC
  • Must be willing to sit in Glen Allen, Detroit, Cincinnati, or a business hub location

    Eligibility Requirements

  • Legal authorization to work in the U.S. is required.We will not sponsor individuals for employment visas, now or in the future, for this job.

    Desired Characteristics:
  • Demonstrated understanding of technical and business strategy application to future architecture direction
  • Contribute to and lead discussions and communications within the team and outside, including customers and other business units
  • Experience with cyber security framework (NIST 800-53, ISO 27001, IEC 62443, etc.) implementation and governance
  • Program and Project Management experience; expertise with Agile development teams
  • Experience with secure coding principles; code signing; secure boot and knowledge of CI/CD and automation tools (Chef, Git, Jenkins)
  • Experience with penetration testing and ethical hacking
  • Knowledge of Identity management and identity federation (SAML, Oauth, SCIM, XACML)
  • Knowledge of application risk identification and evaluation techniques
  • Knowledge of Cyber Security and full knowledge of multiple related engineering functions
  • Experience securing applications within cloud platforms such as AWS, Azure etc including microservices and serverless architectures
  • Experience with broad set of information security technologies and processes within a SaaS, IaaS, PaaS, or cloud environment

    #DTR

    Locations: United States; Michigan, Ohio, Virginia; Glen Allen, Van Buren Twp, Cincinnati

    GE offers a great work environment, professional development, challenging careers, and competitive compensation.  GE is an Equal Opportunity Employer.  Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.

    GE will only employ those who are legally authorized to work in the United States for this opening. Any offer of employment is conditional upon the successful completion​ of a background investigation and drug screen.


  • Apply Now    
    Link for schema

    GE Careers Technical Assistance

    Having technical issues with ge.com/careers or your application? We're here to help.

    Get In Touch

    Connect With Us

    Stay up to date on GE and possible opportunities that open in areas that interest you.

    Sign Up