GE Careers
Apply Now    

Sr Product Security Analyst

  • GE Digital
  • Entry-Level
  • Posted 12/4/2017 7:48:33 AM
  • 3035610
  • Job Function: Digital Technology
  • Business Segment: Digital Technology
Location(s): India; Bangalore


About Us:
GE is the world's Digital Industrial Company, transforming industry with software-defined machines and solutions that are connected, responsive and predictive. Through our people, leadership development, services, technology and scale, GE delivers better outcomes for global customers by speaking the language of industry.

Role Summary:
We are looking for an Sr. Product Security Analyst, with a focus on software development and operational technology (OT) solutions. In this role, you will partner across GE to drive improved Software/Systems Development Lifecycle capabilities. You will also engage with manufacturing experts to design, build, and measure success of security controls in OT environments like factories and labs.

Essential Responsibilities:
You are a highly technical security professional who enjoys challenging problems and has a very strong background in systems security, application security, and operational technology. In this role, you will be building relationships and providing support to product security and manufacturing teams across all GE businesses.
• Enable & support JFWTC IT Security leader on building infrastructure & capabilities for the Product Cyber security lab.

• Support JFWTC IT Security Leader & GRC PSL on all Product Cyber security requirements of 11 businesses located at JFWTC. Scope of work includes businesses of GRC, Aviation, Transportation, Oil & Gas, Power, Digital, Intelligent Platforms, Renewable Energy, Energy Connections, Corporate & Wipro GE Healthcare.

• Provide subject matter expertise for security testing, security architecture review – knowledge of available testing tools, architecture references.

• Execute Product cyber security projects at JFWTC based on global requirement from business PSLs.

• Enable regional / Global teams on OT / lab specific initiatives.

• Driving execution against the GE Product Security Policy and Implementation.

• Support GRC PSL & IT Security Leader on piloting new products like Edge to cloud & promote GE offerings of Predix, Wurldtech, MFA, SAST, DAST etc.

• Secure Development Lifecycle (Educating staff at JFWTC, defining scope of SDLC for projects across the businesses, helping to walk each project through its SDLC requirements following scope, providing cost estimates for SDLC work, alignment with GRC PSL).

• Be able to scope and participate in hardware and software penetration tests, vulnerability identification and vulnerability risk assessment.

• Engage in application and domain-specific threat modeling and attack surface analysis/reduction.

Qualifications/Requirements:
BS degree or higher in Computer Engineering or in a STEM major (Science, Technology, Engineering, or Math)
Degree requirements may be replaced with significant professional experience
Minimum of 5 years IT experience, preferably within Software Security or OT/Product Security
Minimum of 3 years IT experience with operating in a secure SDLC
#DTR

Desired Characteristics:
• Demonstrated understanding of technical and business strategy application to future architecture direction
• Contribute to and lead discussions and communications within the team and outside, including customers and other business units
• Experience with cyber security framework (NIST 800-53, ISO 27001, IEC 62443, etc.) implementation and governance
• Program and Project Management experience; expertise with Agile development teams
• Experience with secure coding principles; code signing; secure boot and knowledge of CI/CD and automation tools (Chef, Git, Jenkins)
• Experience with SDLC, Secure code review & penetration testing
• Knowledge of Identity management and identity federation (SAML, Oauth, SCIM, XACML)
• Knowledge of application risk identification and evaluation techniques
• Knowledge of Cyber Security and full knowledge of multiple related engineering functions
• Experience securing applications within cloud platforms such as AWS, Azure etc including microservices and server less architectures
• Experience with broad set of information security technologies and processes within a SaaS, IaaS, PaaS, or cloud environment

Locations: India; Bangalore

GE offers a great work environment, professional development, challenging careers, and competitive compensation.  GE is an Equal Opportunity Employer.  Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.


Apply Now    
Link for schema

GE Careers Technical Assistance

Having technical issues with ge.com/careers or your application? We're here to help.

Get In Touch

Connect With Us

Stay up to date on GE and possible opportunities that open in areas that interest you.

Sign Up