GE is the world's Digital Industrial Company, transforming industry with software-defined machines and solutions that are connected, responsive and predictive. Through our people, leadership development, services, technology and scale, GE delivers better outcomes for global customers by speaking the language of industry.
GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is an Equal Opportunity Employer at http://www.ge.com/sites/default/files/15-000845%20EEO%20combined.pdf . Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.
We are looking for a Director - Cyber Security to work with teams comprised of Software Engineers, Quality Engineers, User Interaction Design Engineers, Infrastructure/Platform team, and the Product Owners to help lead the technical insight and industry perspective in the creation, delivery, and integration of complex and comprehensive security solutions.
You will be a developer security evangelist who will provide thought leadership & help guide developers in secure coding practices. You will also be responsible for developing security standards framework for securing the production infrastructure against cyber-attacks.
You are a highly skilled security Engineer who enjoys security work and collaborating with product managers, developers and operations leadership to drive the successful adoption of innovative methods in developing secure applications.
In this role, you will:
+ Drive tailored SDL practice into specific engineering
+ Consult architect on security requirements and utilize best practices to meet them
+ Engage in application and domain-specific threat modeling and attack surface analysis/reduction
+ Working with all scrum teams for security-focused design
+ Identifying and ensuring resolution of possible security implications of each release
+ Maintaining an inventory of security-related tools that will improve the maintainability and security of our code and the pace of development
+ Help prepare reports at appropriate levels of confidentiality for stakeholders to view
+ Responding to customer-facing departments about Predix security posture
+ Responding promptly and in detail to customer-sponsored penetration tests
+ Promotes standards through workshops, knowledge shares, and code walk-throughs
+ Provides guidance on automated testing tools and techniques
+ Securely on-board external developer applications and third party services as part of the overall Predix ecosystem
+ Develop processes and drive infrastructure for achieving compliance required in the Oil & Gas industry
+ Bachelor's Degree in Computer Engineering or in a STEM major (Science, Technology, Engineering, or Math) and/or a minimum of 10 years of equivalent experience
+ A minimum of 4 years of experience in security development life cycle
+ At least 4 years of experience involvement with development team(s) that delivered software based services
+ Legal authorization to work in the U.S. is required. We will not sponsor individuals for employment visas, now or in the future, for this job
+ Any offer of employment is conditioned upon the successful completion of a background investigation and drug screen
+ Must be willing to travel
+ Must be willing to work out of an office located in San Ramon, CA
+ Knowledge of Identity management and identity federation (SAML, Oauth, SCIM, XACML)
+ Must be available for on call for potential security response
+ Knowledge of application risk identification and evaluation techniques
+ Knowledge of Cyber Security and full knowledge of multiple related engineering functions
+ Experience securing applications within cloud platforms such as AWS, Azure and alike.
+ Experience with broad set of information security technologies and processes within a SaaS, IaaS, PaaS, or cloud environment
+ Hands-on experience with analyzing threat reports, vulnerability reports and drive towards implementing them
+ Experience securing applications against various layers of vulnerabilities
+ Evaluate different products in security space and recommend and implement most optimal solutions
+ Knowledge of Object Oriented Design and principles
+ Knowledge of CI/CD and automation tools (Chef, Git, Jenkins)
Locations: United States ; California; San Ramon
GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is an Equal Opportunity Employer at http://www1.eeoc.gov/employers/upload/eeoc_self_print_poster.pdf . Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.
A little about us:
GE imagination at work.