Sr Product Security Analyst

Job Description Summary

We are looking for an Sr Product Security Analyst, with a focus on Penetration testing and Python coding. In this role you will work in a team to identify, risk rate, communicate and track product vulnerabilities and be a part of the Cyber Security Lab team.

GE Healthcare is a leading global medical technology and digital solutions innovator. Our mission is to improve lives in the moments that matter. Unlock your ambition, turn ideas into world-changing realities, and join an organization where every voice makes a difference, and every difference builds a healthier world.

Job Description

Roles and Responsibilities

In this role, you will :

Be able to scope and participate in hardware and software penetration tests, vulnerability identification and vulnerability risk assessment.

Engage in application and domain-specific threat modeling and attack surface analysis / reduction

Engage in incident response methods lead incident response processes related to product cybersecurity

Create and track meaningful metrics around product cyber risk and compensating controls

Perform Security Code Reviews, Vulnerability Analysis and research on application code

Create vulnerability and incident trend analysis to improve product design

Maintain cyber Bills of Material and conduct proactive vulnerability monitoring and assessment on cyber components

Engage and administer End Of Life processes for digital products

Promote best practices based on OWASP, SANS Top 25.

Write fuzz scenarios to see the break network protocol suites such as TCP / IP, IPv6, UDP, TLS, DTLS

Ability to automate attack scenarios to avoid repetitive work.

Consult, architect on security requirements and utilize best practices to meet them.

Help prepare reports at appropriate levels of confidentiality for stakeholders to view

Respond promptly and in detail to customer-sponsored penetration tests

Provide guidance on automated testing tools and techniques

Required Skills

Professional expertise with Kali Linux, Metasploit, Meterpreter.

Hands-on experience in Windows / Linux and network security.

Execute Scans using tools such as Nessus, Burp, Fortify / Coverity, Splunk etc.

Education Qualification

Bachelor's Degree in Computer Science or “STEM” Majors (Science, Technology, Engineering and Math) with a minimum of 5+ years of experience in systems security, product / OT security and application security

Technical Expertise

Experience with cyber security framework (NIST 800-53, ISO 27001, IEC 62443, etc.) implementation and governance

Experience with secure coding principles; code signing; secure boot

Experience with penetration testing and ethical hacking

Knowledge of CI / CD and automation tools (Chef, Git, Jenkins)

Knowledge of Identity management and identity federation (SAML, Oauth, SCIM, XACML)

Experienced in developing web services (SOAP / REST)

Must be available for on call for potential security response

Knowledge of application risk identification and evaluation techniques

Knowledge of Cyber Security and full knowledge of multiple related engineering functions

Experience securing applications within cloud platforms such as AWS, Azure and alike.

Experience with broad set of information security technologies and processes within a SaaS, IaaS, PaaS, or cloud environment

Inclusion and Diversity

GE Healthcare is an Equal Opportunity Employer where inclusion matters. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.

We expect all employees to live and breathe our behaviors : to act with humility and build trust; lead with transparency; deliver with focus, and drive ownership – always with unyielding integrity.

Our total rewards are designed to unlock your ambition by giving you the boost and flexibility you need to turn your ideas into world-changing realities. Our salary and benefits are everything you’d expect from an organization with global strength and scale, and you’ll be surrounded by career opportunities in a culture that fosters care, collaboration and support.

#LI-AM11

#LI-Hybrid

Additional Information

Relocation Assistance Provided : Yes