Security and Derivatives Associate Analyst
Citi
Staff Software Architect – Product Security
GE HealthCare
full-time
Posted on:
Location: Wisconsin • 🇺🇸 United States
Visit company websiteJob Level
Lead
Tech Stack
AWSAzureChefCloudCyber SecurityJenkinsLinuxPythonSDLCTCP/IP
About the role
- Technical ownership of product security feature deliverables
- Gather and analyze data, develop architectural requirements and lead implementation
- Work closely with cross-functional teams on requirements gathering and software design
- Scope and participate in hardware and software penetration tests and vulnerability risk assessment
- Engage in incident response methods and lead incident response related to product cyber
- Create and track metrics around product cyber risk and compensating controls
- Create vulnerability and incident trend analysis to improve product design
- Maintain cyber Bill of Materials and perform proactive vulnerability monitoring and assessment
- Engage and administer End of Life processes for digital products
- Consult architects on security requirements and best practices
- Perform application and domain-specific threat modeling and attack surface analysis/reduction
- Respond to customer-sponsored penetration tests in detail and promptly
- Provide guidance on automated testing tools and techniques
- Discover and mitigate vulnerabilities in Critical Infrastructure/Key Resource domains
- Develop and design innovative cybersecurity solutions for unique and complex technologies
- Partner with government agencies, industry experts, and academia on cybersecurity efforts
- Leverage research methodologies to advance GE HealthCare's cybersecurity practice
- Assess and investigate specific threats for severity and impact and create detailed vulnerability reports
- Create IPS/IDS rules or other mitigations to protect vulnerable systems
- Interact with global teams to promote consistency across common software platforms
- Gain mastery of the Ultrasound domain and contribute to software infrastructure development
- Apply SDLC and methodologies (Lean/Agile/XP, CI), scalability, documentation, refactoring and testing techniques
- Design, develop, implement, test and deploy subsystem/security solutions
- Manage design evolution across multi-generation product releases
- Perform design and code reviews and provide product security feedback
Requirements
- Bachelor’s degree in computer science or STEM majors required
- Minimum of 6 years of professional experience (cybersecurity domain preferred)
- Cyber Security Certification in the Privacy, Security & Regulatory domain or related certification
- Experience in object-oriented design methodology and programming languages such as C/C++
- Hands-on experience in C++ on Windows a plus
- Working knowledge of configuration management tools (Perforce, GIT, ClearCase)
- Experience working with Windows API and application programming
- Experience in software platform, advanced applications, UI design and/or systems engineering (healthcare/Ultrasound preferred)
- Strong debugging skills
- Experience with multicore and multi-threaded software design
- Experience driving technical design reviews
- Strong interpersonal, communication and influencing skills across organizational levels
- Proven analytical and problem resolution skills
- Demonstrated ability to work with and/or lead blended and global teams
- Experience setting up and maintaining automation in CI/CD workflows a plus
- Must be willing to work onsite at least 3 days a week in Wauwatosa/Waukesha, Wisconsin
- We will not sponsor individuals for employment visas for this job opening
- Willingness to complete drug screen (if applicable)
- Desired: Familiarity with identifying, analyzing, and ethically exploiting vulnerabilities
- Desired: Strong knowledge of TCP/IP networking and ability to use Wireshark
- Desired: Hands-on experience with Windows and Linux systems
- Desired: Programming skills in Python, C, C++, CUDA
- Desired: Understanding of machine language, OS, APIs, libraries, runtimes, hardware/firmware/binary interactions
- Desired: Familiarity with digital electronics, microcontrollers, SCADA/DCS exposure
- Desired: Knowledge of cybersecurity frameworks (NIST 800-53, ISO 27001, IEC 62443)
- Desired: Experience with secure coding, code signing, secure boot
- Desired: Experience with penetration testing and ethical hacking
- Desired: Knowledge of CI/CD and automation tools (Chef, Git, Jenkins)
- Desired: Knowledge of identity management and federation (SAML, Oauth, SCIM, XACML)
- Desired: Experience securing cloud platforms (AWS, Azure)
Similar jobs on JobTailor
Senior Security Researcher – Mobile Malware Reverse Engineer
CrowdStrike
Cyber SecurityPython
Senior Cybersecurity and Risk Analyst
PayPal
Cyber Security
Software Engineer – Email Security
Cloudflare
CloudDistributed SystemsJavaUnix
Product Security Engineer
Boeing
AWSAzureCloudCyber SecurityGoogle Cloud PlatformJavaPythonSubversion