Talent.com
This job offer is not available in your country.
Product Security Analyst

Product Security Analyst

ConfidentialBengaluru / Bangalore, India
9 days ago
Job description

Job Description Summary

As a Product Security Analyst, you will be collaborating with development teams to complete security testing and tool development for our GEHC products. You will be responsible for Performing VAPT for thick and thin clients, webservices, embedded devices and cloud. Conducting Compliance / Benchmark assessments using DISA Stigs / CIS Benchmarks .Review, Test and Suggest best practices for Cryptography, PKI (web and non-web perspective). Conducting Source code review and discuss with development teams in mitigating the issues and eliminating false positives.

GE Healthcare is a leading global medical technology and digital solutions innovator. Our mission is to improve lives in the moments that matter. Unlock your ambition, turn ideas into world-changing realities, and join an organization where every voice makes a difference, and every difference builds a healthier world.

Job Description

Roles and Responsibilities

You are a skilled Analyst who enjoys security work and is an expert in systems security, product / OT security and application security.

In This Role, You Will

  • Work with product managers, independent researchers, and in-house researchers to identify, rate, report and manage product vulnerabilities and incidents.
  • Be responsible for providing technical leadership and defining, developing, and evolving security within software in a fast-paced and agile development environment using the latest secure software development technologies and infrastructure.
  • Work with Cyber Security Leaders and SMEs to understand product requirements
  • Translate security requirements / vision into a prioritized list of user stories, completing work according to required timelines and quality standards
  • Assist security champions in completing Threat Modeling and Architecture Risk Analysis on product features
  • Perform Security Code Reviews, Vulnerability Analysis and research on application code
  • Coach and mentor developers to implement cryptography solutions securely (PKI, Code Signing, Stored Secrets, et cetera)
  • Engage subject matter experts in successful transfer of complex domain knowledge
  • Apply principles of Secure SDLC and methodologies like Lean / Agile / XP, CI, Software and Product Security
  • Provide guidance and advice on writing secure code that meets standards and delivers desired functionality, using the technology selected for the project
  • Understand application security methodologies and frameworks
  • Leverage GE Digital&aposs tailored Secure SDL practice into specific engineering engagements
  • Research new application security technologies and implement them to improve application security.
  • Maintaining a backlog of security-related tools that will improve the maintainability and security of our code and the pace of development
  • Promote best practices based on OWASP, SANS Top 25, and the GE Digital SDL.
  • Write fuzz scenarios to see the break network protocol suites such as TCP / IP, IPv6, UDP, TLS, DTLS
  • Ability to automate attack scenarios to avoid repetitive work.
  • Good to have experience in Bluetooth / Wifi or any radio based attacks.
  • Good to have experience in Rest API security testing and recommending best practices while opting for OAuth or OpenId connect
  • Having experience working on IoT platform will be beneficial.

Required Skills

  • Professional expertise with Kali Linux, Metasploit, Meterpreter.
  • Hands-on experience in Windows / Linux and network security.
  • Execute Scans using tools such as Nessus, Burp, Fortify / Coverity, Splunk etc.
  • Education Qualification

    Bachelor&aposs Degree in Computer Science or "STEM" Majors (Science, Technology, Engineering and Math) with a minimum of 3+ years of experience in systems security, product / OT security and application security.

    Desired Characteristics

  • Certifications – OSCP, CCSP.
  • Languages – C / C++ / Java / Python / Ruby
  • Proven experience in breaking the vulnerable boxes.
  • Adaptable to learn new skills or technologies as per business needs.
  • Detailed working knowledge of two modern programming languages, such as java, python, or ruby
  • Good written and oral communication skills and successful security consulting background.
  • At least 2 years of security consulting involvement with development team(s) that delivered software-based services
  • Experience in developing secure applications
  • A high energy and a result-oriented attitude / approach, with an understanding of release timelines and the need to enable development teams, not slow them down
  • Experience with Security Development Lifecycle processes such as Threat Modeling desired
  • Contribute to and lead discussions and communications within the team and outside, including customers and other business units
  • Excellent knowledge of Object Oriented Analysis and Design, Software Design Patterns and coding principles
  • Hands-on Experience with developing cloud-deployed applications that utilize oath 2
  • Hands-on experience with developing RESTful web services
  • Mobile Architecture experience, designing, developing, and integrating solutions.
  • Experience with penetration testing tools, ability to replicate security defects uncovered by groups such as GE&aposs red team
  • Good understanding of security tools and technologies to facilitate secure development
  • Inclusion and Diversity

    GE Healthcare is an Equal Opportunity Employer where inclusion matters. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.

    We expect all employees to live and breathe our behaviors : to act with humility and build trust; lead with transparency; deliver with focus, and drive ownership – always with unyielding integrity.

    Our total rewards are designed to unlock your ambition by giving you the boost and flexibility you need to turn your ideas into world-changing realities. Our salary and benefits are everything you'd expect from an organization with global strength and scale, and you'll be surrounded by career opportunities in a culture that fosters care, collaboration and support.

    #Hybrid

    Additional Information

    Relocation Assistance Provided : Yes

    Show more

    Show less

    Skills Required

    Java, Metasploit, C, Fortify, Network Security, Nessus, Burp, Restful Web Services, Kali Linux, Coverity, Splunk, Ruby, Python

    Create a job alert for this search

    Product Analyst • Bengaluru / Bangalore, India

    Related jobs
    • Promoted
    Lead Security Engineer

    Lead Security Engineer

    interface.aihosur, tamil nadu, in
    Our cutting-edge Generative AI-powered platform serves over 100 banks and credit unions, delivering hyper-personalized customer interactions across voice, chat, and employee-assisting solutions.To ...Show moreLast updated: 26 days ago
    • Promoted
    NetAnalytiks - EDR Security Analyst - Sentinel / Crowdstrike

    NetAnalytiks - EDR Security Analyst - Sentinel / Crowdstrike

    NETANALYTIKS TECHNOLOGIES LIMITEDBangalore
    Job Overview : We are looking for an experienced EDR Security Analyst to strengthen our cybersecurity operations team.The ideal candidate will have hands-on expertis...Show moreLast updated: 12 days ago
    • Promoted
    INFOLOB Global - Security Compliance Analyst II

    INFOLOB Global - Security Compliance Analyst II

    INFOLOB SOLUTIONS INDIA PRIVATE LIMITEDBangalore
    Job Description : At Infoblox, every breakthrough begins with a bold what if.What if your ideas could ignite global innovation?. What if your curiosity could redefine...Show moreLast updated: 7 days ago
    • Promoted
    • New!
    Lead Data Engineer & ML Analyst

    Lead Data Engineer & ML Analyst

    Eltropyhosur, tamil nadu, in
    We’re looking for someone with.Design and manage scalable ETL / ELT pipelines using AWS Glue, Redshift, S3, and Kafka / Kinesis. Architect and implement data lake and warehouse solutions following best ...Show moreLast updated: 11 hours ago
    • Promoted
    • New!
    Security Engineer (Remote)

    Security Engineer (Remote)

    DigiHelic Solutions Pvt. Ltd.hosur, tamil nadu, in
    Remote
    We are looking for a proactive and experienced.In this role, you will design, implement, and maintain.The ideal candidate will have deep. Monitor cloud environments for.AWS-native and third-party to...Show moreLast updated: 11 hours ago
    • Promoted
    Senior Product Security Engineer

    Senior Product Security Engineer

    sliceBengaluru, India
    We’ve all felt how slow, confusing, and complicated banking can be.We’re building every product from scratch to be fast, transparent, and feel good, because we believe that the best products transc...Show moreLast updated: 30+ days ago
    • Promoted
    Product Analyst

    Product Analyst

    Binary Semantics Ltd.bangalore district, karnataka, in
    We are a client centric global software development company offering IT services, Consulting services and Knowledge services across several industry segments such as Automobiles, Manufacturing, FMC...Show moreLast updated: 30+ days ago
    • Promoted
    • New!
    Cyber Security Consultant

    Cyber Security Consultant

    Dautomhosur, tamil nadu, in
    Act as the technical consultant for assigned cybersecurity tasks and milestones.Plan, deploy, and manage Trellix products : . Trellix DLP (Data Loss Prevention).Trellix ePO (ePolicy Orchestrator).Trel...Show moreLast updated: 11 hours ago
    • Promoted
    Security Analyst

    Security Analyst

    Tata Consultancy ServicesBengaluru, Karnataka, India
    Experience range : 6 to 8 years.Location : Bengaluru, Hyderabad, Chennai, Pune, Kolkata.Provide BAU support for secrets management applications like. Collaborate with various internal and external st...Show moreLast updated: 6 days ago
    • Promoted
    Product Sales Specialist(Cyber Security Products)

    Product Sales Specialist(Cyber Security Products)

    Airtel BusinessBengaluru, Karnataka, India
    Business Development experience, able to work with Sales teams to generate opportunities for Security Product offerings.Design, Presents, demonstrates the Network Architecture for the Security doma...Show moreLast updated: 30+ days ago
    • Promoted
    Security Technology Lifecycle Analyst

    Security Technology Lifecycle Analyst

    HR PLACEMENT CONSULTANTS (HRPC)Bangalore Rural, Karnataka, India
    Position - Analyst - Security Technology Lifecycle Analyst.Job Type - Full-time (Third party payroll •).The Security Technology Lifecycle Analyst plays a critical role in supporting the Corporate Se...Show moreLast updated: 20 days ago
    • Promoted
    Senior Product Security Engineer

    Senior Product Security Engineer

    Pocket FMBengaluru, Karnataka, India
    Pocket FM is the world’s largest audio entertainment platform, revolutionizing the way stories are told and consumed.We bring together storytelling, technology, and creativity to deliver an immersi...Show moreLast updated: 30+ days ago
    • Promoted
    Tactical Analyst

    Tactical Analyst

    MAX Securityhosur, tamil nadu, in
    Max is Global Risk Management organization based out in Tel Aviv, Israel and its APAC HQ is based out of Mumbai.Led by veterans from Israeli Military Special Forces, Intelligence, Cyber and Secret ...Show moreLast updated: 30+ days ago
    • Promoted
    Product Security Specialist - SAST / DAST

    Product Security Specialist - SAST / DAST

    Nazztec Private LimitedBangalore
    Job Title : Product Security Specialist Job Type : Permanent Work Mode : Hybrid (Bangalore / Pune) Show moreLast updated: 5 days ago
    • Promoted
    Product Analyst

    Product Analyst

    BigSpringBangalore, IN
    Think of revenue as the “game scoreboard”, and BigSpring AI as the practice engine for people to get ready for the game.Google, Pfizer, SAP, Cisco, HSBC, Tata, Nutanix use BigSpring AI across their...Show moreLast updated: 30+ days ago
    • Promoted
    Production Control Analyst

    Production Control Analyst

    Best Infosystems Ltd.hosur, tamil nadu, in
    Production Control Analyst_Full-Time_Noida (Remote)_Shift Timing : PST and overlap IST / PST.Seeking a Production Control Security Analyst that has strong technical knowledge IBM Security Verify Acces...Show moreLast updated: 30+ days ago
    • Promoted
    Betsol - Security Analyst - Cyber Security Operations

    Betsol - Security Analyst - Cyber Security Operations

    Betsol Software India Private LimitedBangalore
    Company Overview : BETSOL is a cloud-first digital transformation and data management company offering innovative products and I...Show moreLast updated: 15 days ago
    • Promoted
    Lead Security Engineer

    Lead Security Engineer

    Arcanahosur, tamil nadu, in
    As our Lead Security Engineer, you'll own and elevate Arcana's overall security posture - cloud, on-prem, and everything in between. You'll design and enforce policies, automate controls, and harden...Show moreLast updated: 30+ days ago
    • Promoted
    • New!
    SAP Security Specialist (WFH - Contract)

    SAP Security Specialist (WFH - Contract)

    DSAPRO IT Private Limitedhosur, tamil nadu, in
    Remote
    We have a SAP Security Specialist position (Contract - Work-from-Home) for one of our clients who is a niche US product company. Design, implement, and maintain SAP security roles and authorizations...Show moreLast updated: 11 hours ago
    • Promoted
    Lucio - Product Analyst

    Lucio - Product Analyst

    Lucio AIBangalore
    Job Title : Product Analyst Mode : WFO in Bangalore Working hours : 10 am to 7 pm <...Show moreLast updated: 30+ days ago