Sr Cyber Security Engineer - Bangalore, IN - GE Healthcare
This position is for a Senior Cyber Security Developer in the GE Healthcare MICT Software team. The person will develop and deliver cyber security features for MICT products. Build your career in next generation Healthcare Product Cyber Security software that will cut across entire CT, PET and NM products. Experience what it takes to own complete Secure Software Development Life Cycle phases and what it means to deliver a world-class software working in collaboration with global team.
- Develop and implement security related solutions with the intent to harden the security posture of MICT products.
- Layout a cyber security strategy (implementation and test strategy) for MICT products.
- Work with cross functional teams to understand cybersecurity requirements and lead a team of developers to implement those features.
- Develop MICT security platform/Framework that can be reused across products and eliminate redundant effort on developing security features through reuse.
- Provide mentorship to project teams on the appropriate selection and implementation of security controls to enforce compliance to standards and security policies.
- Run vulnerability assessment / penetration testing and create assessment reports. Streamline Vulnerability Management and incident management efforts for MICT Systems.
- Define the security test strategy (manual, automated) for the product.
- Serve as security guide in application development, database and micro-service design. Participate/Drive in architecture security review. Review technology designs and develop security controls and solutions.
- Suggest changes to the environment that would assist with eliminating vulnerabilities and mitigating the risk of exploitation resulting in potential incidents.
- Knowledge of CI/CT/CD process and techniques of enabling security testing in the pipeline.
Candidates for this position should have minimum of 8 years of overall experience in software/IT industry and at least 6 years of Cyber Security experience and development, in addition to the following:
- Bachelor's Degree in Computer Science or related computer field
- UNIX and Linux operating systems
- Application development background using programming languages such as Java, C/C++, Python, Perl, Shell Scripting
- Experience with various security tools and products (Fortify, Nessus, nmap, Burp Suite, Metasploit, Kali Linux, etc)
- Hands on with OWASP top 10 vulnerabilities identification and remediation techniques.
- Hands on with Threat Modelling frameworks and techniques.
- Strong understanding Of Secure Communication Methods (TLS 1.2)
- Strong understanding of Cryptographic algorithms, certificates, PKI, Key Management
- Knowledge of various vulnerabilities and penetration testing
- Knowledge on Hypervisors (e.g. VMware, KVM, etc.) and Containers (Docker etc)
- Authentication, Authorization, SAML/oAuth2/OpenID Connect, RBAC, XACML
- Strong analytical skills
- Able to track and lead a large number of simultaneous activities, as well as cross-team dependent activities
- Able to work collaboratively with minimal supervision
- Effectively escalates items as required, and can influence decisions and actions without direct authority
- Able to learn new technologies and processes quickly
- Able to quickly adapt to changes in timelines and sequences
- Knowledge of working in Agile
- Good understanding of the Secure SDLC
- Master's Degree in Computer Science, Cybersecurity or related computer field.
- CISSP, CEH, GIAC certification preferred
- Experience developing web applications (Spring, REST, Web Services) and/or microservices
- Experience with front-end technologies such as HTML5/CSS, AngularJS, NodeJS etc
- Cloud Security Experience (AWS, Azure or Cloud Foundry)
- Have a deep understanding of the underlying infrastructure needed to run a large distributed web application
- Has the ability to break down problems and estimate time for development tasks
- Has the ability to make basic technology choices based on experience
- Demonstrates awareness about competitors and industry
- Has the ability to take ownership of small tasks and deliver without supervision while using the discretion to seek help when necessary
- Voices opinions and presents clear rationale. Uses data or factual evidence to influence
- Recognizes collaborative behavior and participates in collaborative activities
- Learns organization vision statement and decision making framework. Able to understand how team and personal goals/objectives contribute to the organization vision
GE is the world's Digital Industrial Company, transforming industry with software-defined machines and solutions that are connected, responsive and predictive. Through our people, leadership development, services, technology and scale, GE delivers better outcomes for global customers by speaking the language of industry.
Locations: India; Bangalore
GE will only employ those who are legally authorized to work in the United States for this opening.