GE HealthCare Staff Security Software Architect 

India, Karnataka 

820576743

In this role you will be responsible to design, develop and maintain the Security posture of the enterprise level applications. As a Cyber Security Software expert, you will need to work with various development process tools including threat modeling, compliance, test automation, and vulnerability technologies. You should be able to work with variety of operating systems mainly Unix and Linux based systems, programming tools, encryption, and security controls.In this role, you are responsible for partnering and providing security advisory services to product managers and Management to ensure that applications that we develop are secure and meet the healthcare objectives while remaining in compliance with the healthcare policies, procedures, and all related laws, rules, and regulations.
Job Description

In this role, you will:

• Design, develop and maintain the Security posture of the enterprise level application/s
• Work with various development process tools including threat modeling, compliance, test automation, and vulnerability technologies.
• Provide technical and process expertise for Privacy & Security throughout activity life cycle.
• Conduct or support conduct of, security risk assessments, risk gap analyses and remediation plan development.
• Security Compliance maintenance and assurance
• Promote design-in of security to products, platforms, services, and processes.
• Manage the security vulnerabilities and risks across different applications including identifying, supporting application/system owners to manage risks and remediate vulnerabilities.
• Perform technical (evaluation of technology) and non-technical (evaluation of people and operations) risk and vulnerability assessments of relevant technology focus areas (i.e., local computing environment, network and infrastructure, enclave boundary, and supporting infrastructure) and facilitate vulnerability mitigation.
• Develop and support conduct of training and awareness initiatives in the areas of privacy and security.
• Preparation of business cases for the implementation of control and compliance programs
• Support formulation of data security / privacy related proposal text and RFP response
• Managing adaptation and implementation of security and privacy programs in a complex, technology-oriented organization
• Identify business needs and/or customer sensitivities in the realms of security, risk, and compliance and develop solutions or services around those needs.
• Coach and mentor engineering / DevOps teams to evaluate security tools, develop proof-of-concepts, and integrate tools into the DevOps pipeline.
• Coach and mentor secure design, coding, and testing initiatives
• Manages the design, development, implementation, and operations of all security technologies for business unit's information security functions.
• Responsible for interpreting privacy and security regulatory guidelines from different countries and guiding the organization on implementation for meeting.
• Communicate in a concise and effective manner changes to be implemented to the organization.
• Create / Review documentation for conformance to a set of privacy and security requirements.

Educational Qualification:

• Bachelor’s degree in computer science or “STEM” Majors (Science, Technology, Engineering and Math)

Essentials Skills:

• Experience in Java, Angular, C++ (Optional),Unix / Linuxbased programming and system knowledge.
• 9+ years ofdevelopment and security experience which includes application security, OS security, Vulnerability assessments / solutioning.
• Experience inSecurity practices, Vulnerability Assessment etc.
• Product/Information security experience in all phases of service/product development and deployment including architecture, design, development, testing and deployment.
• Experience in designing security solutions and threat modelling.
• Ideal candidate would have worked on the software development initially and then graduated in to -Software/Lead/security assessments ensuring security in the product design.

Desired Skills:

• Experience in Security tooling and scans such as NESSUS, STIGs
• Know-how of Healthcare domain, regulatory needs such as 510(K), HIPAA, GDPR
• Exposure to DOD (Department of Defence), VA (Veterans Affairs) practices and processes
• Hands-on experience in review of Static Code Analysis reports and ability to discuss with development teams for true positives.
• Sound understanding of various Encryption Algorithms, Public key Infrastructure (PKI) and Certificate Authority (CA).
• Experience and knowledge of penetration testing methodologies and tools.
• Conducting information security analyses, audits, and reviews
• Willingness to learn new technologies and work on security for varied products.
• Solid security expertise in Containers, Kubernetes, and so on.
• Security certifications like OSCP/CCSP/CISSP.
• Knowledge of information system architecture and security controls (e.g., firewall and border router configurations, wireless architectures, specialized appliances).
• Sound implementation Knowledge of various Encryption Algorithms, Public key Infrastructure (PKI) and Certificate Authority (CA), OAUTH authentication, 2FA.Experience working on software projects in the Healthcare domain

Inclusion and Diversity

GE Healthcare is an Equal Opportunity Employer where inclusion matters. Employment decisions are made without regard to race, colour, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.

We expect all employees to live and breathe our behaviors: to act with humility and build trust; lead with transparency; deliver with focus, and drive ownership – always with unyielding integrity.

Ourare designed to unlock your ambition by giving you the boost and flexibility you need to turn your ideas into world-changing realities. Our salary and benefits are everything you’d expect from an organization with global strength and scale, and you’ll be surrounded by career opportunities in a culture that fosters care, collaboration and support.