Sr Product Security Analyst - Cybersecurity Compliance Engineer
California (St. Mary's) Bachelor's Degree Design / Civil engineering / Industrial engineering
Job description
3183238
Additional Cities
San Ramon
Career Level
Experienced
Relocation Assistance
No
Business
GE Digital
Business Segment
Digital Platform & Industrial Applications
Function
Digital Technology
Country/Territory
United States
Additional States/Provinces
California
Postal Code
94583
Role Summary/Purpose
We are seeking a strong hands-on candidate in our Cyber Security team who understands the architecture and security requirements for the Cloud IaaS/PaaS/SaaS layers. This person will engage in all phases of understanding, architecting, implementing, mapping security requirements and collaborating across engineering teams to influence and provide solutions to implement security requirements.
Essential Responsibilities
The ideal candidate should be well versed in AWS/AZURE Cloud and have a collaborative working-style to help accelerate the understanding and implementation of security requirements to support one of the world’s largest, digital software businesses.
In this role, you will:
· Interact closely with other cyber security architects, engineering, and product management teams to ensure adequate security capabilities and controls are in place within the technology stack to mitigate security risks and meet compliance requirements;
· Continuously research, design, and advocate/recommend new security technologies, architectures, and products that will support/improve security in continuing to meet compliance requirements;
· Function as the “go-to” individual with in-depth understanding of all security Compliance related nuances within our stack. Develop the ability to effectively navigate a highly complex environment to independently retrieve technical evidence for gaining assurance over effectiveness of controls;
· Serve as the subject matter expert who will actively guide the broader risk and compliance team on all security related technical components within our environment. Proactively mentor and train junior team members;
· Embrace a culture of continuous service improvement and service excellence. Keep abreast of latest cyber security technical risks and conduct ad-hoc security architecture/application reviews to assess new risks;
· Communicate, drive accountability, and manage closure of security risks/defects and solutions by working hand in hand with our engineering and product partners;
· Provide security compliance requirements into cloud solutions design, architecture, and IIoT to ensure it is incorporated early in the process.
· Perform cloud security and compliance assessments at all levels of the Infrastructure, Platform and Software by utilizing established security frameworks.
· Demonstrate the understanding of Agile software development lifecycle and able to distinguish the core inputs and outputs in each cycle.
· Familiarty with one or more industry Security compliance frameworks and/or regulations (ISO27001/2, PCI-DSS, HIPAA, FedRAMP, SSAE16, SOC 1, SOC 2, IEC62443, International Privacy Requirements including EU Privacy and Safe Harbor).
· Establish operating rhythm to report out on key metrics including status of assessments and issue management.
· Stay current and utilize industry standards and best practices to drive improvements in overall security posture of the cloud service providers (e.g. Azure, AWS)
Qualifications/Requirements
Basic Qualifications:
· BS degree or higher in MIS, Computer Engineering or in a STEM major (Science, Technology, Engineering or Math)
· Minimum 3 years of architecting security solutions and in-depth knowledge of security protocols/tools, and automation
Eligibility Requirements: (Country Specific)
· Legal authorization to work in the U.S. is required. GE may agree to sponsor an individual for an employment visa now or in the future if there is a shortage of individuals with particular skills.
· Any offer of employment is conditioned upon the successful completion of a background investigation and drug screen
· Must be willing to travel
· Must be willing to work out of an office located in San Ramon, CA
Desired Characteristics
Desired Characteristics:
· A High energy and a result-oriented person.
· Strong oral communication, business writing, presentation and facilitation skills
· Experience communicating with geographically distributed teams.
· Foster a collaborative and cooperative team environment, encouraging input and participation from all members.
· Expert understanding of incident/defect handling processes.
· Security consulting or equivalent experience.
· Experience in large enterprise environments.
· Strong communication and interpersonal skills.
· Experience with the application of risk identification techniques.
· Ability to influence others effectively across a matrixed organization
Technical Expertise:
· Experience with broad set of information security technologies and processes within a SaaS, IaaS, PaaS, or cloud environment.
· Strong experience working within a cloud based microservices environment. Demonstrated expertise in security architecture across the infrastructure, platform, and application layers.
· Strong experience with popular cloud provider ecosystems, including Amazon AWS and Microsoft Azure.
· Strong experience designing and implementing encryption solutions.
· Internationally recognized information security/IT Audit certification/qualifications such as CISSP, CISA, GSNA, GSAE, or CCNA
· Detailed understanding of industry accepted Information Security and IT governance standards (i.e. COBIT, ISO, NIST)
· Excellent analytical / technical skills
· Knowledge of compliance programs such as ISO, SOC, FedRAMP, HIPAA etc. preferred.
· Hands on experience of JavaScript, Oracle PL/SQL and Web development technologies is required.
#DTR
About Us
GE (NYSE:GE) drives the world forward by tackling its biggest challenges. By combining world-class engineering with software and analytics, GE helps the world work more efficiently, reliably, and safely. GE people are global, diverse and dedicated, operating with the highest integrity and passion to fulfill GE’s mission and deliver for our customers. www.ge.com
GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is anEqual Opportunity Employer . Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.
Additional Eligibility Qualifications
GE will only employ those who are legally authorized to work in the United States for this opening.
Primary Country
United States
Primary State/Province
California
Primary City
San Ramon