GE Healthcare Technologies - posted 4 months ago
Waukesha, WI
5,001-10,000 employees
Chemical Manufacturing

The Staff Software Architect - Product Security position is a key role within General Imaging (GI) Ultrasound with a focus on vulnerability management and incident response capability. In this role you will work in a team to identify risks and communicate and track product vulnerabilities. GE HealthCare is a leading global medical technology and digital solutions innovator. Our mission is to improve lives in the moments that matter. Unlock your ambition, turn ideas into world-changing realities, and join an organization where every voice makes a difference, and every difference builds a healthier world.

  • Technical ownership of product security feature deliverables, with the ability to gather and analyze data, develop architectural requirements and lead implementation efforts
  • Work closely with cross-functional teams in requirements gathering and software design
  • Scope and participate in hardware and software penetration tests, vulnerability identification and vulnerability risk assessment
  • Engage in incident response methods, lead incident response processes related to product cyber
  • Create and track meaningful metrics around product cyber risk and compensating controls
  • Create vulnerability and incident trend analysis to improve product design
  • Maintain cyber Bills of Material and conduct proactive vulnerability monitoring and assessment on cyber components
  • Engage and administer End of Life processes for digital products
  • Consult architects on security requirements and utilize best practices to meet requirements
  • Engage in application and domain-specific threat modeling and attack surface analysis/reduction
  • Respond promptly and in detail to customer-sponsored penetration tests
  • Provide guidance on automated testing tools and techniques
  • Discover and mitigate vulnerabilities in sensitive Critical Infrastructure/Key Resource Domains (CI/KR)
  • Develop and design innovative cyber security solutions for unique and complex technologies
  • Work in partnership with government agencies, leading industry experts, and academia
  • Leverage traditional and non-traditional research methodologies to advance GE HealthCare's overall Cybersecurity practice
  • Assess and investigate specific threats in terms of severity and impact
  • Create detailed reports on vulnerabilities, bugs, and design flaws
  • Create IPS/IDS rules or other mitigations to protect vulnerable systems
  • Interact with global teams to promote consistency and maximize synergies across common software platforms
  • Able to join the team and gain mastery of the Ultrasound domain and contribute towards the development of Software Infrastructure
  • Drive world-class quality in the development and support of products
  • Apply principles of SDLC and methodologies like Lean/Agile/XP, CI, Software and Product Security, Scalability, Documentation Practices, refactoring and Testing Techniques
  • Understand performance parameters and assess application performance
  • Proactively share information across the team, to the right audience with the appropriate level of detail and timeliness
  • Design, develop, implement, test and deploy subsystem/security solutions and apply in-depth knowledge of product related technologies, technology platforms, architectures, engineering design principles and advancements
  • In collaboration with principal engineers/architects and execution leaders, assist in the analysis, design and development of the product roadmap
  • Manage design evolution across multi-generation product releases
  • Perform design and code reviews, and provide feedback on product security
  • Bachelor's degree in computer science or 'STEM' Majors (Science, Technology, Engineering and Math) with minimum of 6 years of professional experience including Cyber Security
  • Certification in the Privacy, Security & Regulatory domain or related certification
  • Experience in object-oriented design methodology and various programming languages such as C/C++. Hands-on experience in C++ on Windows a plus.
  • Working knowledge of configuration management tools such as Perforce, Git, ClearCase, etc.
  • Experience working with Windows API and application programming
  • Experience in software platform, advanced applications, user-interface design and/or systems engineering, especially in the healthcare domain, preferably Ultrasound
  • Good skills in debugging software issues
  • Experience with multicore and multi-threaded software design and computing environment
  • Experience driving technical design reviews
  • Strong interpersonal skills, including creativity and curiosity with ability to effectively communicate, and influence across all organizational levels
  • Proven analytical and problem resolution skills
  • Demonstrated ability to work with and/or lead blended teams, including global teams
  • Experience setting up and maintaining automation in CI/CD workflow pipelines a plus
  • Familiarity with identifying, analyzing, and ethically exploiting the various classes of vulnerabilities that affect executable code
  • Strong knowledge of TCP/IP networking. Ability to use Wireshark to capture and analyze network traffic
  • Hands-on experience working with Windows and Linux based systems
  • Programming skills in one or more languages (we develop using Python, C, C++, CUDA, and others)
  • Ability to understand machine language, operating systems, common APIs, libraries, and runtime environments and how they interact with hardware, firmware, and binary code
  • Familiarity with digital electronics and microcontrollers. Exposure to SCADA/DCS systems or industrial technologies
  • Business Acumen: Able to translate vulnerability information into business risks relevant to our customers
  • Attention to detail with initiative to explore alternate technology and approaches to solving problems
  • Good understanding of workflow in the healthcare industry
  • Knowledge of ultrasound or demonstrated experience with development of medical device software
  • Experience with cyber security framework (NIST 800-53, ISO 27001, IEC 62443, etc.) implementation and governance
  • Experience with secure coding principles; code signing and secure boot
  • Experience with penetration testing and ethical hacking
  • Knowledge of CI/CD and automation tools (Chef, Git, Jenkins)
  • Knowledge of identity management and identity federation (SAML, OAuth, SCIM, XACML)
  • Knowledge of application risk identification and evaluation techniques, and knowledge of Cyber Security and related engineering functions
  • Experience securing applications within cloud platforms such as AWS, Azure, etc.
  • Great work environment
  • Professional development
  • Challenging careers
  • Competitive compensation