Cyber Security Engineer

About The Position

Requirements

• Bachelor’s degree in Computer Science, Cybersecurity, or related field (or equivalent experience).
• 5-8 years of experience in application/product security, with a strong understanding of secure software development.
• Proficiency in threat modeling and vulnerability management.
• Experience analyzing/detecting and remediating cybersecurity issues.
• Experience in security/network/system administration/development or equivalent knowledge.
• Familiarity with cloud platforms (AWS, Azure, GCP) and container security (Docker, Kubernetes).
• Strong communication skills and ability to influence cross-functional teams.
• Relevant certifications (e.g., OSCP, CISSP, CSSLP) are a plus.
• This position is based in the United States only.
• Legal authorization to work in the U.S. is required.
• Must be willing to travel as required.

Nice To Haves

• Experience working in or with healthcare technology companies or digital health platforms.
• Deep understanding of HIPAA, HITECH, and 21 CFR Part 11 compliance requirements.
• Knowledge of patient data privacy, PHI/PII protection, and data residency concerns.
• Exposure to HITRUST CSF or similar healthcare-specific security frameworks.
• Practical hands-on experience cybersecurity events investigation tracking and threat resolution.
• Able to work under minimal supervision and open to collaboration.

Responsibilities

• Security by Design: Partner with product and engineering teams to integrate security into architecture, design, and development processes.
• Threat Modeling & Risk Assessment: Conduct threat modeling, security reviews, and risk assessments for new and existing products.
• Create & Maintain Cybersecurity Documentation: Delivering product release security documents, document cyber security status and process in accordance with regulations.
• Vulnerability Management: Identify, triage, and drive remediation of vulnerabilities in applications and infrastructure.
• Incident Response: Support product-related security incidents and coordinate with internal stakeholders for resolution.
• Security Awareness: Educate developers and product managers on secure development practices and emerging threats.
• Compliance & Standards: Ensure products meet internal security standards and external compliance requirements (e.g., HIPAA, HITRUST, SOC 2, ISO 27001).

Benefits

• GE HealthCare offers a competitive benefits package, including not but limited to medical, dental, vision, paid time off, a 401(k) plan with employee and company contribution opportunities, life, disability, and accident insurance, and tuition reimbursement.