Sr Product Security Analyst - Cybersecurity Compliance Engineer
Description de l'offre
Digital Platform & Industrial Applications
We are seeking a strong hands-on candidate in our Cyber Security team who understands the architecture and security requirements for the Cloud IaaS/PaaS/SaaS layers. This person will engage in all phases of understanding, architecting, implementing, mapping security requirements and collaborating across engineering teams to influence and provide solutions to implement security requirements.
The ideal candidate should be well versed in AWS/AZURE Cloud and have a collaborative working-style to help accelerate the understanding and implementation of security requirements to support one of the world’s largest, digital software businesses.
In this role, you will:
· Interact closely with other cyber security architects, engineering, and product management teams to ensure adequate security capabilities and controls are in place within the technology stack to mitigate security risks and meet compliance requirements;
· Continuously research, design, and advocate/recommend new security technologies, architectures, and products that will support/improve security in continuing to meet compliance requirements;
· Function as the “go-to” individual with in-depth understanding of all security Compliance related nuances within our stack. Develop the ability to effectively navigate a highly complex environment to independently retrieve technical evidence for gaining assurance over effectiveness of controls;
· Serve as the subject matter expert who will actively guide the broader risk and compliance team on all security related technical components within our environment. Proactively mentor and train junior team members;
· Embrace a culture of continuous service improvement and service excellence. Keep abreast of latest cyber security technical risks and conduct ad-hoc security architecture/application reviews to assess new risks;
· Communicate, drive accountability, and manage closure of security risks/defects and solutions by working hand in hand with our engineering and product partners;
· Provide security compliance requirements into cloud solutions design, architecture, and IIoT to ensure it is incorporated early in the process.
· Perform cloud security and compliance assessments at all levels of the Infrastructure, Platform and Software by utilizing established security frameworks.
· Demonstrate the understanding of Agile software development lifecycle and able to distinguish the core inputs and outputs in each cycle.
· Familiarty with one or more industry Security compliance frameworks and/or regulations (ISO27001/2, PCI-DSS, HIPAA, FedRAMP, SSAE16, SOC 1, SOC 2, IEC62443, International Privacy Requirements including EU Privacy and Safe Harbor).
· Establish operating rhythm to report out on key metrics including status of assessments and issue management.
· Stay current and utilize industry standards and best practices to drive improvements in overall security posture of the cloud service providers (e.g. Azure, AWS)
· BS degree or higher in MIS, Computer Engineering or in a STEM major (Science, Technology, Engineering or Math)
· Minimum 3 years of architecting security solutions and in-depth knowledge of security protocols/tools, and automation
Eligibility Requirements: (Country Specific)
· Legal authorization to work in the U.S. is required. GE may agree to sponsor an individual for an employment visa now or in the future if there is a shortage of individuals with particular skills.
· Any offer of employment is conditioned upon the successful completion of a background investigation and drug screen
· Must be willing to travel
· Must be willing to work out of an office located in San Ramon, CA
· A High energy and a result-oriented person.
· Strong oral communication, business writing, presentation and facilitation skills
· Experience communicating with geographically distributed teams.
· Foster a collaborative and cooperative team environment, encouraging input and participation from all members.
· Expert understanding of incident/defect handling processes.
· Security consulting or equivalent experience.
· Experience in large enterprise environments.
· Strong communication and interpersonal skills.
· Experience with the application of risk identification techniques.
· Ability to influence others effectively across a matrixed organization
· Experience with broad set of information security technologies and processes within a SaaS, IaaS, PaaS, or cloud environment.
· Strong experience working within a cloud based microservices environment. Demonstrated expertise in security architecture across the infrastructure, platform, and application layers.
· Strong experience with popular cloud provider ecosystems, including Amazon AWS and Microsoft Azure.
· Strong experience designing and implementing encryption solutions.
· Internationally recognized information security/IT Audit certification/qualifications such as CISSP, CISA, GSNA, GSAE, or CCNA
· Detailed understanding of industry accepted Information Security and IT governance standards (i.e. COBIT, ISO, NIST)
· Excellent analytical / technical skills
· Knowledge of compliance programs such as ISO, SOC, FedRAMP, HIPAA etc. preferred.
GE (NYSE:GE) drives the world forward by tackling its biggest challenges. By combining world-class engineering with software and analytics, GE helps the world work more efficiently, reliably, and safely. GE people are global, diverse and dedicated, operating with the highest integrity and passion to fulfill GE’s mission and deliver for our customers. www.ge.com
GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is anEqual Opportunity Employer . Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.
Additional Eligibility Qualifications
GE will only employ those who are legally authorized to work in the United States for this opening.
Voici d'autres offres qui pourraient te plaire
À propos de General Electric
Inventer le monde industriel de demain, telle est la motivation de General Electric.
Multinationale de renom, GE est leader dans les secteurs énergie et transports dont les activités se répartissent entre GE Energy Infrastructure, GE Technology Infrastructure, GE Capital, GE Consumer & Industrial et NBC Universal. Doté d'importants pôles de recherche, General Electric met donc à profit son savoir-faire et ses connaissance afin produire de l'énergie, bâtir, faciliter les déplacement et améliorer les soins à travers le monde.
GE couvre un large de panel de métiers, niveaux et compétences à travers des fonctions d'ingénierie, marketing, santé, finance, logistique, communication, business développement etc. De ce fait, les offres du simple stage au CDI ne manquent pas en France, notamment sur les sites de Buc et Velizy Villacoublay, près de Paris.
La société offre des voies professionnelles multiples et intéressantes d'un point de vue rémunération, cadre de travail et challenges pour de jeunes stagiaires ou alternants souhaitant mettre à profit leurs compétences au sein d'une entreprise au service de tous pour inventer les solutions de demain.
Rejoignez GE pour construire votre parcours ensemble.