Sr Cyber Security Engineer - Product Security

Full Time
San Ramon, CA
Areas of Interest: Software Assurance and Security Engineering
report a problem

GE. Incredible career diversity across disciplines worldwide.
Join us in taking on the world's toughest challenges.
GE is the world's Digital Industrial Company, transforming industry with software-defined machines and solutions that are connected, responsive and predictive. Through our people, leadership development, services, technology and scale, GE delivers better outcomes for global customers by speaking the language of industry. 

GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.

We are looking for a Sr Cyber Security Engineer - Product Security to work with teams comprised of Software Engineers, Quality Engineers, User Interaction Design Engineers, Infrastructure/Platform team, and the Product Owners to help lead the technical insight and industry perspective in the creation, delivery, and integration of complex and comprehensive security solutions.You will be a security evangelist providing thought leadership & helping guide developers in secure coding principles and engineers in secure implementation of technology stack in a cloud environment. You are a highly skilled security Engineer who enjoys security work and collaborating with product managers, engineers, and developers to drive the successful adoption of innovative methods in implementing robust cloud controls and developing secure applications. 
In this role, you will: 
  • Drive tailored SDL practice into specific engineering
  • Consult architect on security requirements and utilize best practices to meet them 
  • Engage in application, platform and domain-specific threat modeling and attack surface analysis/reduction
  • Working with all scrum teams for security-focused design
  • Engineer Security solutions for cloud and embedded products, and the planning and implementation of risk mitigating security solutions 
  • Maintaining a backlog of security-related tools that will improve the maintainability and security of our code and the pace of development
  • Implement security control across the technology stack to meet security and compliance requirements for IaaS, Paas, and SaaS 
  • Help prepare reports at appropriate levels of confidentiality for stakeholders to view 
  • Responding to customer-facing departments about Predix security posture
  • Responding promptly and in detail to customer-sponsored penetration tests
  • Promotes best practices, design patterns, standards through workshops, knowledge sharing, and code walk-throughs
  • Build automation around testing tools and techniques 
  • Tailor communication to a variety of audiences and perspectives, and anticipates issues to prevent conflict 
  • Securely on-board external developer applications and third party services as part of the overall Predix ecosystem

Basic Qualifications:
  • Bachelor's Degree in Computer Engineering or in a STEM major (Science, Technology, Engineering, or Math) OR a minimum of 4 years of equivalent experience 
  • A minimum of 4 years of experience in secure system/software development life cycle for IaaS, PaaS and SaaS. 
  • GE Leadership Program Graduates will get credit towards relevant work experience, commensurate to the program they have completed 
Eligibility Requirements:
  • Legal authorization to work in the U.S. is required. GE may agree to sponsor an individual for an employment visa now or in the future if there is a shortage of individuals with particular skills.
  • Must be willing to travel (10-15%) 
  • Must be willing to work out of an office located in San Ramon, CA
Technical Expertise: 
  • Knowledge of CI/CD and automation tools (Chef, Git, Jenkins) 
  • Knowledge of Identity management and identity federation (SAML, Oauth, SCIM, XACML) 
  • Experienced in developing web services (SOAP/REST) and web applications (Java, Spring Core, Spring MVC, Spring Security) 
  • Knowledge of application risk identification and evaluation techniques 
  • Experience in securing cloud infrastructure such as AWS, Azure and alike (i.e., inspection, logging, WAF, VM) 
  • Experience in deployment of cloud controls for infrastructure, platform, and applications (IaaS/SaaS/PaaS), specifically within AWS, Azure and GCP 

Business Acumen:
  • Excellent written and verbal communication skills 
  • Work with Cyber Security Champions and SMEs to understand product requirements & vision and align them with Cyber Security imperatives 

  •  Foster a collaborative and cooperative team environment, encouraging input and participation from all members 
  • Work on a global team and knowledgeable about Cloud regulatory compliance and standards 

Personal Attributes:
  • Contribute to and lead discussions and communications within the team and outside, including customers and other business units
  • Strong work ethics and a desire to overachieve using good judgment, negotiation/influence skills, and analytical skills

Share this job:

GE Digital

imagination at work
GE (NYSE: GE) is the world’s Digital Industrial Company, transforming industry with software-defined machines and solutions that are connected, responsive and predictive. GE is organized around a global exchange of knowledge, the "GE Store," through which each business shares and accesses the same technology, markets, structure and intellect. Each invention further fuels innovation and application across our industrial sectors. With people, services, technology and scale, GE delivers better outcomes for customers by speaking the language of industry.

Oil & Gas, Healthcare, Intelligent Platforms, Capital, Transportation, Aviation, Appliances, Lighting, Power & Water, Energy Management
Visit GE Digital's Social Media pages:
Company Industry: Electrical/Electronic Manufacturing
Company Type: Public Company
Company Size: 10,001+