GE Careers
Apply Now    

Principal Product Security Ldr

  • GE Digital
  • Experienced
  • Posted 12/29/2017 8:49:44 AM
  • 3043666
  • Job Function: Digital Technology
  • Business Segment: Digital Predix Products & Technology
Location(s): Russian Federation; Moscow


About Us:
GE (NYSE: GE) is the world's Digital Industrial Company, transforming industry with software-defined machines and solutions that are connected, responsive and predictive. GE is organized around a global exchange of knowledge, the "GE Store," through which each business shares and accesses the same technology, markets, structure and intellect. Each invention further fuels innovation and application across our industrial sectors. With people, services, technology and scale, GE delivers better outcomes for customers by speaking the language of industry. www.ge.com

Business Overview: GE Digital is the team behind Predix, the world's first cloud-based industrial operating system, empowering millions of businesses to run smarter and improve people's lives. We build the software that transforms the way people connect with their data, devices and machines. www.ge.com/digital/

Predix is a GE’s cloud platform for the Industrial Internet. It is a Platform-as-a-Service (PaaS) for developing, deploying, and monetizing Industrial Internet applications. Predix powers advanced industrial applications for power generation and distribution, oil and gas, mining, healthcare, manufacturing, transportation, aviation, intelligent infrastructure, and more. www.predix.io

Role Summary:
The Principal Product Security Leader will own project management, design, delivery, and drive implementation of security and compliance controls for securing GE Digital (Predix) initiatives. Specifically, this role will involve the development and implementation of a comprehensive roadmap of the security and compliance controls for enterprise software solutions essential to external customers on Predix.

Essential Responsibilities:
In this role, you will:

• Lead and execute delivery and implementation of key security & compliance controls for securing Predix initiatives according to both GE Digital standards and Russian legislation requirements
• Work in partnership with the Predix development squads to ensure that cyber security is embedded in the software development process
• Drive tailored SDL practice into specific engineering
• Consult architect on security requirements and utilize best practices to meet them
• Engage in application and domain-specific threat modeling and attack surface analysis/reduction
• Working with all scrum teams for security-focused design
• Identifying and ensuring resolution of possible technical implications of each release
• Maintaining a backlog of security-related tools that will improve the maintainability and security of our code and the pace of development
• Help prepare reports at appropriate levels of confidentiality for stakeholders to view
• Responding to customer-facing departments about Predix security posture
• Responding promptly and in detail to customer-sponsored penetration tests
• Promotes standards through workshops, knowledge shares, and code walk-throughs
• Promotes best practices and design patterns
• Provides guidance on automated testing tools and techniques
• Securely on-board external developer applications and third party services as part of the overall Predix ecosystem

Qualifications/Requirements:
• Bachelor's Degree in Computer Engineering or in a STEM major (Science, Technology, Engineering, or Math) and/or a minimum of 4 years of equivalent experience
• A minimum of 4 years of experience in security development life cycle
• At least 4 years of experience involvement with development team(s) that delivered software based services
• Fluent in both Russian and English languages

Technical Expertise:
• Object Oriented Design and principles
• Ability to write high quality code
• Knowledge of CI/CD and automation tools (Chef, Git, Jenkins)
• Knowledge of Identity management and identity federation (SAML, Oauth, SCIM, XACML)
• Experienced in developing web services (SOAP/REST)
• Experience securing applications within cloud platforms such as AWS, Azure and alike.
• Experience with broad set of information security technologies and processes within a SaaS, IaaS, PaaS, or cloud environment

Desired Characteristics:
• 2+ of project management experience in developing RESTful micro-service based applications; PMP certified (preferred)
• 3+ years of hands-on experience with Agile (Scrum or XP) and test & behavior driven development, continuous integration and version control (GitHub); Certified Agile scrum master preferred
• Understanding of requirements management and user story development (Rally or similar tool)
• Working knowledge of security services including PKI, TLS, authentication services, fine grained access control, and network security services
• Knowledge of application risk identification and evaluation techniques
• Evaluate different products in security space and recommend and implement most optimal solutions
• Hands-on experience with analyzing threat reports, vulnerability reports and drive towards implementing them
• Experience with secure architectures, identity and access management principles, application security, encryption technologies, DNS, SOA, database and web applications

Successful candidates will be employed under local employment conditions and must already satisfy local employment/work permit and residency regulations.

Locations: Russian Federation; Moscow

GE offers a great work environment, professional development, challenging careers, and competitive compensation.  GE is an Equal Opportunity Employer.  Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.


Apply Now    
Link for schema

GE Careers Technical Assistance

Having technical issues with ge.com/careers or your application? We're here to help.

Get In Touch

Connect With Us

Stay up to date on GE and possible opportunities that open in areas that interest you.

Sign Up