Talent.com
This job offer is not available in your country.
Product Security Analyst

Product Security Analyst

GE HealthCareINDIA
30+ days ago
Job description
  • Summary
  • As a Product Security Analyst, you will be collaborating with development teams to complete security testing and tool development for our GEHC products. You will be responsible for Performing VAPT for thick and thin clients, webservices, embedded devices, and cloud. Conducting Compliance / Benchmark assessments using DISA Stigs / CIS Benchmarks. Review, Test and Suggest best practices for Cryptography, PKI (web and non-web perspective). Conducting Source code review and discuss with development teams in mitigating the issues and eliminating false positives.

    GE Healthcare is a leading global medical technology and digital solutions innovator. Our mission is to improve lives in the moments that matter. Unlock your ambition, turn ideas into world-changing realities, and join an organization where every voice makes a difference, and every difference builds a healthier world.

    Roles and Responsibilities

    You are a skilled Analyst who enjoys security work and is an expert in systems security, product / OT security, and application security.

    In this role, you will :

    • Work with product managers, independent researchers, and in-house researchers to identify, rate, report, and manage product vulnerabilities and incidents.
    • Be responsible for providing technical leadership and defining, developing, and evolving security within software in a fast-paced and agile development environment using the latest secure software development technologies and infrastructure.
    • Work with Cyber Security Leaders and SMEs to understand product requirements
    • Translate security requirements / vision into a prioritized list of user stories, completing work according to required timelines and quality standards
    • Assist security champions in completing Threat Modeling and Architecture Risk Analysis on product features
    • Perform Security Code Reviews, Vulnerability Analysis, and research on application code
    • Coach and mentor developers to implement cryptography solutions securely (PKI, Code Signing, Stored Secrets, et cetera)
    • Engage subject matter experts in successful transfer of complex domain knowledge
    • Apply principles of Secure SDLC and methodologies like Lean / Agile / XP, CI, Software and Product Security
    • Provide guidance and advice on writing secure code that meets standards and delivers desired functionality, using the technology selected for the project
    • Understand application security methodologies and frameworks
    • Leverage GE Digital's tailored Secure SDL practice into specific engineering engagements
    • Research new application security technologies and implement them to improve application security.
    • Maintaining a backlog of security-related tools that will improve the maintainability and security of our code and the pace of development
    • Promote best practices based on OWASP, SANS Top 25, and the GE Digital SDL.
    • Write fuzz scenarios to see the break network protocol suites such as TCP / IP, IPv6, UDP, TLS, DTLS
    • Ability to automate attack scenarios to avoid repetitive work.
    • Good to have experience in Bluetooth / Wifi or any radio based attacks.
    • Good to have experience in Rest API security testing and recommending best practices while opting for OAuth or OpenId connect
    • Having experience working on IoT platform will be beneficial.
    • Required Skills

    • Professional expertise with Kali Linux, Metasploit, Meterpreter.
    • Hands-on experience in Windows / Linux and network security.
    • Execute Scans using tools such as Nessus, Burp, Fortify / Coverity, Splunk etc.
    • Education Qualification

      Bachelor's Degree in Computer Science or STEM Majors (Science, Technology, Engineering, and Math) with a minimum of 3 years of experience in systems security, product / OT security, and application security.

      Desired Characteristics

    • Certifications OSCP, CCSP.
    • Languages C / C / Java / Python / Ruby
    • Proven experience in breaking the vulnerable boxes.
    • Adaptable to learn new skills or technologies as per business needs.
    • Detailed working knowledge of two modern programming languages, such as java, python, or ruby
    • Good written and oral communication skills and successful security consulting background.
    • At least 2 years of security consulting involvement with development team(s) that delivered software-based services
    • Experience in developing secure applications
    • A high energy and a result-oriented attitude / approach, with an understanding of release timelines and the need to enable development teams, not slow them down
    • Experience with Security Development Lifecycle processes such as Threat Modeling desired
    • Contribute to and lead discussions and communications within the team and outside, including customers and other business units
    • Excellent knowledge of Object Oriented Analysis and Design, Software Design Patterns and coding principles
    • Hands-on Experience with developing cloud-deployed applications that utilize oath 2
    • Hands-on experience with developing RESTful web services
    • Mobile Architecture experience, designing, developing, and integrating solutions.
    • Experience with penetration testing tools, ability to replicate security defects uncovered by groups such as GE's red team
    • Good understanding of security tools and technologies to facilitate secure development
    • Inclusion and Diversity

      GE Healthcare is an Equal Opportunity Employer where inclusion matters. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.

      We expect all employees to live and breathe our behaviors : to act with humility and build trust; lead with transparency; deliver with focus, and drive ownership always with unyielding integrity.

      Our total rewards are designed to unlock your ambition by giving you the boost and flexibility you need to turn your ideas into world-changing realities. Our salary and benefits are everything youd expect from an organization with global strength and scale, and youll be surrounded by career opportunities in a culture that fosters care, collaboration, and support.

      LI-AM11

      Hybrid

      Additional Information

      Relocation Assistance Provided : Yes

      Locations - IND19-01-Bengaluru-EPIP 122 (Phase II), India

    Create a job alert for this search

    Product Analyst • INDIA

    Related jobs
    • Promoted
    Product Analyst

    Product Analyst

    HealthWorksAIKalyan-Dombivli, IN
    Explainable Artificial Intelligence is an approach to building AI systems that can provide clear explanations for their decisions and actions. It aims to increase transparency and trust in AI by ena...Show moreLast updated: 1 day ago
    Product Security Analyst

    Product Security Analyst

    emersonMAHARASHTRA, India
    In This Role, Your Responsibilities Will Be : .Maintain awareness : gain and maintain proficiency with internal guidelines and templates. Document Review : Thoroughly review security documentation, incl...Show moreLast updated: 15 days ago
    SAP Product Security Analyst

    SAP Product Security Analyst

    BAKER HUGHESINDIA
    Are you passionate about being part of a successful team?.Would you like to work for a forward thinking technology company?. Our Oilfield Services business provides intelligent, connected technologi...Show moreLast updated: 30+ days ago
    • Promoted
    Security Analyst

    Security Analyst

    DexianBangalore
    The Security Response Team (SRT) is part of the Cyber Data Risk and Resilience division and manages the incident response capability to support day-to-day cross-enterprise event investigations and ...Show moreLast updated: 14 days ago
    Security Analyst

    Security Analyst

    Serigor Inc.Gurgaon, IN
    Quick Apply
    Title : Security Analyst Location : Gurgaon, India Type of job : Full-time THIS IS NOT A 100% REMOTE ROLE; CANDIDATE MUST BE WILLING TO WORK FROM OFFICE (GURGAON) WHEN REQUIRED ...Show moreLast updated: 30+ days ago
    Product Analyst

    Product Analyst

    SpendfloChennai, Tamil Nadu, India
    Procurement today is broken - slow, siloed, and outdated.We’re building the go-to platform for high-growth companies to manage procurement, renewals, spend visibility, and cost optimisation - all i...Show moreLast updated: 1 day ago
    Product Analyst

    Product Analyst

    CollegeduniaIndia
    About your new company!! Collegedunia is an education portal, matching students with the best colleges in India abroad.We help in college research, exam prep tips, application process & also provid...Show moreLast updated: 30+ days ago
    Security Analyst

    Security Analyst

    PradeepIT Consulting Services Pvt LtdBengaluru, Karnataka, India
    Quick Apply
    Ability to handle confidential and sensitive information with utmost integrity and professionalism.Strong analytical and problem-solving skills. Excellent written and verbal communication skills.Abi...Show moreLast updated: 30+ days ago
    • Promoted
    Security Analyst - API Security

    Security Analyst - API Security

    Lennox India Technology CentreChennai, Tamil Nadu, India
    Dynamic Application Security Testing (DAST).REST, SOAP, GraphQL), identifying flaws like BOLA, token leakage, replay attacks, etc. Static Application Security Testing (SAST).DevOps, developers, and ...Show moreLast updated: 14 days ago
    • Promoted
    Security Analyst

    Security Analyst

    Scaling TheoryBangalore
    As a Security Analyst / Engineer, you will be responsible for supporting the security operations of our organization by assisting in the monitoring, detection, and response to security incidents.This...Show moreLast updated: 30+ days ago
    Technology analyst(2-5yrs only)-Product Security

    Technology analyst(2-5yrs only)-Product Security

    EdgeVerveBangalore Urban, Karnataka, India
    Edgeverve is a subsidiary of Infosys Ltd, specializing in Products.You will get an opportunity to work with a motivated team of individuals that cater to critical areas of security like product sec...Show moreLast updated: 1 day ago
    Product Security Analyst

    Product Security Analyst

    Advanced Sterilization ProductsIndia
    Working with internal stakeholders across numerous technical functions.Operate as a SME for product teams regarding secure development practices and technical matters. Coordinate shared product secu...Show moreLast updated: 30+ days ago
    Staff Product Security Analyst

    Staff Product Security Analyst

    GE Healthcare LtdINDIA
    As a Staff Product Security Analyst you will be part of the GE HealthCare DCAR team with the vision of building and sustaining product competencies and customer orientation to provide timely patien...Show moreLast updated: 30+ days ago
    Security Analyst

    Security Analyst

    SHI | Locuz - An SHI CompanyMumbai, Maharashtra, India
    Designation : SOC Analyst ( L1 and L2).Interested can reach out to sreeharinath.Proven working experience 2-7 year(s)) in a security operations center (SOC). Hands-on experience with security tools ...Show moreLast updated: 1 day ago
    Product Security Engineer / Threat Analyst

    Product Security Engineer / Threat Analyst

    Becton Dickinson India Pvt LtdINDIA
    We are seeking a talented Product Security and Threat Analyst Engineer to join our Post-Market Vulnerability Team.You will be at the forefront of our product security cybersecurity defense.This rol...Show moreLast updated: 3 days ago
    Product Security Analyst

    Product Security Analyst

    CopelandMAHARASHTRA, India
    In This Role, Your Responsibilities Will Be : .Maintain awareness : gain and maintain proficiency with internal guidelines and templates. Document Review : Thoroughly review security documentation, incl...Show moreLast updated: 15 days ago
    • Promoted
    Magna - IR Analyst - Product Cyber Security

    Magna - IR Analyst - Product Cyber Security

    Magna InternationalBangalore
    At Magna, you can expect an engaging and dynamic environment where you can help to develop industry-leading automotive technologies. We invest in our employees, providing them with the support and r...Show moreLast updated: 9 days ago
    Staff Product Security Analyst

    Staff Product Security Analyst

    Baker HughesNavi Mumbai, Maharashtra, India
    Join our Product Security team.We operate at the heart of the digital transformation of our business.Our team is responsible for Product Security including application security for our global organ...Show moreLast updated: 6 days ago