דרושים Product Security Analyst ב-Ge Healthcare ב-הודו

Roles and Responsibilities

• Skills in post market product surveillance to handle complaints and support efforts for regulatory reporting and establishing appropriate corrective and preventive actions for the safe and effective use of GE Healthcare (GEHC) products.

• Applies general knowledge of business developed through education or past experience. Understands how work of own team contributes to the area.

• Resolves issues using established procedures. Consults People Leader or more senior team members for issues outside of defined parameters.

• Collaborates with others to solve issues. For customer facing roles, develops strong customer relationships and serves as the interface between customer and GE. Exchanges technical information, asks questions and checks for understanding.

• Handles simple data entry work requiring face value check and correction.

Required Qualifications

• This role requires basic experience in the Quality & Product Surveillance. Knowledge level is comparable to a Bachelor's degree from an accredited university or college

Desired Characteristics

• Strong oral and written communication skills. Ability to document, plan, market, and execute programs.

total rewardsare designed to unlock your ambition by giving you the boost and flexibility you need to turn your ideas into world-changing realities. Our salary and benefits are everything you’d expect from an organization with global strength and scale, and you’ll be surrounded by career opportunities in a culture that fosters care, collaboration and support

Key Responsibilities:

• Assess the security for software/Product architecture – guide the product architects to ensure security is built into at the design level itself.

• Own development of cyber security artifacts including threat model and lead discussion on identifying mitigations.

• Assist the Engineering teams in triaging and identification of fix for detected product vulnerabilities.

• Interact with internal / external team to co-ordinate security and privacy assessments which includes VAPT to determine compliance and security posture.

• Assist business units in the development and implementation of product security and Privacy practices including policies, standards, guidelines, and procedures.

• Verify that security and privacy requirements defined in the security plans, policies, and procedures are followed and protection measures are functioning as intended.

• Guide the business unit in their management of the resolution of security audit or review findings.

• Provide security risk management and security advice as well as advice on strategic direction relating to product and information security.

• Assist with security incidents and review risk and impact of breaches to protected systems.

• Review proposed services, engineering changes, and feature requests for security implications and needed security controls.
  

Qualifications/Requirements:

• Bachelor’s degree in engineering

• Should have 7+ years of development and security experience which includes application security, mobile security, network security, OS security and Cloud Security.

• Experience in Rest Api, Kubernetes and container security assessments.

• Product/Information security experience in all phases of service/product development and deployment including architecture, design, development, testing and deployment.

• Good understanding of AWS services, specifically related to security.

• Experience in designing security solutions.

• Hands-on experience in execution and review of Static & Dynamic Code Analysis reports and ability to discuss with development teams for true positives.

• Experience and knowledge of penetration testing methodologies and tools.

• Conducting information security analyses, audits, and reviews

• Experience in Automation of pen test scenarios using Python or any other languages is mandatory

• Willingness to learn new technologies and work on security for varied products.

• Strong interpersonal skills with the ability to facilitate diverse groups, help negotiate priorities, and resolve conflicts among project stakeholders

• Sound security engineering knowledge (technical) so as to work collaboratively with the Tech Leads and software/products architects to ensure secure products.

• Knowledge of information system architecture and security controls (e.g., firewall, specialized appliances)

• Sound understanding of Cryptography, various Encryption Algorithms, Public key Infrastructure (PKI) and Certificate Authority (CA), OAUTH authentication, 2FA

Desired Characteristics:

• AWS Solution Architect – Associate along with AWS Security Specialty certification.

• Experience of Information security assessment in healthcare sector.

• Experience with NIST 800-53, CIS/STIG benchmark audit.

• Ideal candidate would have worked on the software development initially and then graduated in to either -S/W Lead/security assessments ensuring security in the product design.

• Exposure to privacy requirements

• Understanding of HI-TRUST and SOC2.

• Excellent Cyber Security capabilities

• Strong knowledge of secure software development lifecycle and practices such as threat modelling, security reviews, penetration tests, and security incident response

• Understanding of security by design principles and architecture level security concepts

• Up to date knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities

• Ability to relate cyber security incidents from cross-industries.

• Good to have security certifications like OSCP/CCSP/CISSP

total rewardsare designed to unlock your ambition by giving you the boost and flexibility you need to turn your ideas into world-changing realities. Our salary and benefits are everything you’d expect from an organization with global strength and scale, and you’ll be surrounded by career opportunities in a culture that fosters care, collaboration and support.

Essential Responsibilities

Roles and Responsibilities :

3. Product cybersecurity development responsibilities:

• Assess the privacy and cybersecurity state of the product and define product roadmapfeatures/enhancementswith stakeholder approval
• Responsible for security architecture and coordination of product development for cybersecurity features and enhancements
• Assess product components and SBoM integrated into the product
• Perform defect management for cybersecurity issues
• Identify operational responsibilities and adherence to cloud standards for cloud- based products
• Responsible for Product and Security Manual and MDS2 documentation

4. In coordination with the PSL, own and deliver GEHC Product Cybersecurity Standard artifacts, which includes:

• Design input activities to identify, evaluate, roadmap, and drive cybersecurity and privacy features and enhancements within product development programs
• Create Design Engineering Privacy and Security (DEPS) artifacts for privacy and security risk assessments to engage in domain-specific product threat modeling, attack surface analysis, risk management and reduction
• Coordinates with the PSL to support the product team in scheduling and performing vulnerability scans and cybersecurity assessments
• Lead product Security Technical Design Reviews
• Along with the product LSD, responsible for the GEHC Product Cybersecurity Standard compliance and other pertinent standards and process.

6. Works with the GEHC Product Security team and QARA on released product life-cycle, including:

• Participate in post-market product vulnerability monitoring
• Participate as an Subject Matter Expertise to determine product vulnerability impact, investigation, and risk assessment.
• Responsible for product vulnerability mitigation and design change.
• Responsible for GEHC vulnerability tool update to ensure accurate customer communication.

8. Provide technical expertise on customer concerns, complaints, and CSO escalations.

9. Create/Maintain responsible product records within GEHC product cybersecurity tools.

10. Active involvement in DoD RMF submission process and maintenance.

Educational Qualifications:

• Bachelor's Degree in a relevant field (e.g. Computer Engineering, Computer Science, Information Security) or in a STEM major (Science, Technology, Engineering, or Math)
• 3+ years of progressive experience as adevelopment/cybersecurityengineer or scientist/researcher working with a cybersecurity skill set.

Desired Characteristics:

• Sound technical and domain experience in at least two cybersecurity functional technology areas.
• Technical assessment (system/web application vulnerability assessment, penetration testing, white-box code analysis, etc.) and security architecture (design of security controls, secure system design, understanding of identity and authentication management, etc.).

Inclusion and Diversity

Ourare designed to unlock your ambition by giving you the boost and flexibility you need to turn your ideas into world-changing realities. Our salary and benefits are everything you’d expect from an organization with global strength and scale, and you’ll be surrounded by career opportunities in a culture that fosters care, collaboration and support.

Key Responsibilities:

In this role you will

• Define and own the product vision, roadmap, and backlog for the Control Tower platform.
• Collaborate with data teams to design dashboards, alerts, and analytics that provide actionable insights into subscription performance, anomalies, and trends.
• Partner with engineering, operations, customer support, and business teams to gather requirements, prioritize features, and ensure timely delivery.
• Drive the development of monitoring tools, automated workflows, and exception handling mechanisms to proactively manage subscription operations.
• Ensure the Control Tower is intuitive, scalable, and user-friendly for both technical and non-technical users.
• Define and track key performance indicators (KPIs) to measure the effectiveness and impact of the Control Tower.
• Identify operational risks and work with stakeholders to implement mitigation strategies through the Control Tower.

Skill Requirements:

• Holds a Bachelor’s or Master’s degree in Computer Science, Engineering, or a related field, with a strong grasp of APIs, data pipelines, and system architecture—enabling effective collaboration with engineering teams and informed technical decision-making.
• Brings over 5 years of experience in product management within SaaS, e-commerce, or subscription-based environments. Demonstrated success in leading cross-functional teams, managing product roadmaps, and delivering complex, data-driven solutions using agile methodologies.
• Skilled in leveraging data visualization tools like Power BI and Tableau to drive insights and product strategy. Excels in stakeholder communication, problem-solving, and aligning technical solutions with business goals.

Additional Skills:

• Experience building or managing control towers, command centers, or operational dashboards.
• Knowledge of subscription lifecycle management, supply chain, services, billing systems, and customer retention strategies.
• Exposure to AI/ML-driven alerting or anomaly detection systems.

Inclusion and Diversity:

We expect all employees to live and breathe our behaviours: to act with humility and build trust; lead with transparency; deliver with focus, and drive ownership – always with unyielding integrity. Our total rewards are designed to unlock your ambition by giving you the boost and flexibility you need to turn your ideas into world-changing realities.

Our salary and benefits are everything you’d expect from an organization with global strength and scale, and you’ll be surrounded by career opportunities in a culture that fosters care, collaboration and support.

Roles and Responsibilities:

In this role, you will:

• Design, implement, and maintain security controls and best practices across multi-cloud environments (AWS, Azure, GCP).
• Ensure alignment with the AWS Well-Architected Framework and security standards across cloud vendors.
• Drive and support compliance initiatives including HITRUST, FedRAMP, HIPAA, and GDPR, ensuring all systems and processes meet regulatory requirements.
• Lead the development and maintenance of security and privacy policies, procedures, and documentation.
• Partner with product development, program management, regulatory, privacy, and legal teams to define and enforce security requirements for healthcare solutions, including applications, on-premises systems, and SaaS analytics platforms.
• Collaborate with cross-functional teams including IT, compliance, and engineering to integrate security into business and technical processes.
• Lead and manage security incident response, including assessment of risk and impact of breaches to protected systems.
• Review engineering changes, new services, and feature requests for security implications and required controls.
• Verify implementation and effectiveness of security and privacy measures as defined in organizational policies and plans.
• Research and evaluate emerging technologies, industry trends, and market developments to inform security strategy and support operational initiatives.
• Provide strategic guidance on cybersecurity best practices and threat mitigation.
• Drive certification processes for HITRUST and FedRAMP, including audit preparation and documentation.
• Mentor junior security architects and engineers, fostering a culture of continuous improvement and knowledge sharing.

Educational Qualifications:

• Master’ s degree in Computer Science, Cybersecurity, Information Systems, or a related field.

Required Skills:

• 8+ years of progressive experience in cybersecurity, with at least 4 years in a senior or architectural role.
• Strong understanding of HIPAA, and GDPR compliance frameworks.
• Hands-on experience with multi-cloud environments (AWS, Azure, GCP), including security architecture and cloud governance.
• One or more recognized cybersecurity certifications such as CISSP, CISM, CCSP, HCISPP, or equivalent.
• Strong analytical and problem-solving skills with the ability to assess complex systems and recommend effective security solutions.
• Excellent communication and collaboration skills across technical and non-technical teams.
• Demonstrated leadership in managing security incidents and mentoring teams.

Desired Skills:

• Experience with secure software development practices, DevSecOps, and product security lifecycle.
• Proven experience in the healthcare or medical domain, including familiarity with clinical systems and healthcare data flows.
• Knowledge of additional security frameworks such as NIST, ISO 27001, or SOC 2.
• Experience supporting audit and certification processes for HITRUST and FedRAMP.
• Deep knowledge of the AWS Well-Architected Framework and cloud-native security controls.
• Exposure to emerging technologies and trends in cybersecurity, privacy, and healthcare IT.

total rewardsare designed to unlock your ambition by giving you the boost and flexibility you need to turn your ideas into world-changing realities. Our salary and benefits are everything you’d expect from an organization with global strength and scale, and you’ll be surrounded by career opportunities in a culture that fosters care, collaboration and support.

Job Summary

Responsibilities

• Own the product vision, roadmap, and backlog for software subscription finance capabilities.

• Collaborate with Finance and IT stakeholders to gather requirements and define product features.

• Translate complex financial and accounting needs into clear, actionable product specifications.

• Drive end-to-end delivery of finance enhancements and new features, ensuring alignment with business priorities.

• Partner with technical teams to design, test, and deploy solutions across AR, AP, GL, Billing, and Revenue Recognition in Oracle Fusion.

• Design and implement technical solutions to support functional requirements and resolve operational issues.

• Monitor system performance and user feedback to continuously improve product functionality and user experience.

• Ensure compliance with financial regulations, audit requirements, and internal controls .

• Lead User Acceptance Testing (UAT) , training, and change management for new releases.

• Liaise with internal IT and vendor support teams to resolve issues and implement solutions.

Qualifications

• Bachelor's degree in computer science, information technology, or a related field (Master's degree preferred).
• Proven experience (5+ years) as a technical product manager or similar role, preferably in the healthcare/medical device industry.
• Strong understanding of software development processes, Agile methodologies, and project management techniques.
• Excellent communication skills, both written and verbal, with the ability to convey complex technical concepts to non-technical stakeholders.
• Ability to work independently and collaboratively in a fast-paced environment.
• Knowledge of regulatory requirements and compliance frameworks relevant to medical devices and/or SaaS products.
• Experience working with cloud platforms (e.g., AWS, Azure, Google Cloud Platform).
• Familiarity with DevOps tools and practices.
• Understanding of data privacy and security best practices.
• Ability to manage multiple concurrent projects and priorities effectively.

Personal Attributes:

• Able to effectively direct and mentor others in critical thinking skills. Proactively engages with cross-functional teams to resolve issues and design solutions using critical thinking and analysis skills and best practices. Finds important patterns in seemingly unrelated information.

• Influences and energizes other toward the common vision and goal. Maintains excitement for a process and drives to new directions of meeting the goal even when odds and setbacks render one path impassable.

• Innovates and integrates new processes and/or technology to significantly add value to GE. Identifies how the cost of change weighs against the benefits and advises accordingly. Proactively learns new solutions and processes to address seemingly unanswerable problems.

Inclusion and Diversity

Ourare designed to unlock your ambition by giving you the boost and flexibility you need to turn your ideas into world-changing realities. Our salary and benefits are everything you’d expect from an organization with global strength and scale, and you’ll be surrounded by career opportunities in a culture that fosters care, collaboration and support.