Job Description Summary

The Primary Care Ultrasound business develops traditional console as well as portable/handheld ultrasound equipment, that is both cost effective and elegant. Our mission is to enable clinicians to confidently assess patient conditions in diverse clinical environments, including at the point of care and in GP offices

The Cyber security Architect will be part of the Ultrasound team with the vision of building and sustaining product competencies and customer orientation to provide timely patient care. We are looking for a person with strong technical acumen in Cyber security area and preferably a person who has knowledge / expertise in the Mobility area like Android, iOS, Cloud and on-premise healthcare system(s) etc., This individual will provide Leadership on Cyber security by working both with the product teams and the Global teams and helps to draw out the strategy for Ultrasound Handheld products. This person would also be part of the extended team of the Global Cyber security team to constantly update to the latest technologies and processes.

GE HealthCare is a leading global medical technology and digital solutions innovator. Our purpose is to create a world where healthcare has no limits. Unlock your ambition, turn ideas into world-changing realities, and join an organization where every voice makes a difference, and every difference builds a healthier world.

Job Description

Roles and Responsibilities

In this role, you will:

• Conduct security and privacy assessments which includes VAPT to determine compliance and security posture

• Assess the security for software/Product architecture – guide the product architects to ensure security is built into at the design level itself

• Assist business units in the development and implementation of product security and Privacy practices including policies, standards, guidelines, and procedures.

• Verify that security and privacy requirements defined in the security plans, policies, and procedures are followed and protection measures are functioning as intended.

• Guide the business unit in their management of the resolution of security audit or review findings.

• Provide security risk management and security advice as well as advice on strategic direction relating to product and information security.

• Assist with security incidents and review risk and impact of breaches to protected systems.

• Review proposed services, engineering changes, and feature requests for security implications and needed security controls.

• Work with the software architecture and development teams to ensure that the solutions are built with security and data privacy first

• Regularly monitor the cyber security vulnerabilities in the 3rd part libraries use and ensure those vulnerabilities are addressed in a timely manner

• Create and execute upon technology roadmaps in cooperation with external vendors and industry cybersecurity and data privacy standards

Role Competency:

• Bachelor's degree in engineering

• A minimum of 10 years of development and security experience which includes application security, mobile security, network security, OS security, Cloud Security, IoT Security

• Product/Information security experience in all phases of service/product development and deployment including architecture, design, development, testing and deployment.

• Experience in designing security solutions.

• Hands-on experience in execution and review of Static Code Analysis reports and ability to discuss with development teams for true positives.

• Sound understanding of Cryptography, various Encryption Algorithms, Public key Infrastructure (PKI) and Certificate Authority (CA).

• Experience and knowledge of penetration testing methodologies and tools.

• Conducting information security analyses, audits, and reviews

• Experience in Automation of pen test scenarios using Python or any other languages is mandatory

• Willingness to learn new technologies and work on security for varied products.

Preferred Experience

• Experience of Information security assessment in healthcare sector/ IoT / Embedded Security

• Experience with NIST 800-53, CIS/STIG benchmark audit

• Ideal candidate would have worked on the software development initially and then graduated in to either -S/W Lead/security assessments ensuring security in the product design

Preferred Skills:

• Excellent Cyber Security capabilities

• Strong knowledge of secure software development lifecycle and practices such as threat modelling, security reviews, penetration tests, and security incident response

• Understanding of security by design principles and architecture level security concepts

• Exposure to privacy requirements

• Up to date knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities

• Strong interpersonal skills with the ability to facilitate diverse groups, help negotiate priorities, and resolve conflicts among project stakeholders

• Sound security engineering knowledge (technical) so as to work collaboratively with the Tech Leads and software/products architects to ensure secure Products

• Knowledge of information system architecture and security controls (e.g., firewall and border router configurations, wireless architectures, specialized appliances)

• Sound implementation Knowledge of Cryptography, various Encryption Algorithms, Public key Infrastructure (PKI) and Certificate Authority (CA), OAUTH authentication, 2FA

• Ability to relate cyber security incidents from cross-industries.

• Experience in Rest Api, Kubernetes and container security assessments.

• Good to have security certifications like OSCP/CCSP/CISSP

GE HealthCare is an Equal Opportunity Employer where inclusion matters. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.

We expect all employees to live and breathe our behaviors: to act with humility and build trust; lead with transparency; deliver with focus, and drive ownership – always with unyielding integrity.

Our total rewards are designed to unlock your ambition by giving you the boost and flexibility you need to turn your ideas into world-changing realities. Our salary and benefits are everything you’d expect from an organization with global strength and scale, and you’ll be surrounded by career opportunities in a culture that fosters care, collaboration and support.

#LI-Hybrid

Additional Information

Relocation Assistance Provided: Yes