Staff Product Manager, Pentest as a Service
HackerOne$190,000 - $265,000/year
Full Time
Mid-level (3 to 4 years), Senior (5 to 8 years)
Not SpecifiedCompensation
Mid-level (3 to 4 years), Senior (5 to 8 years)Experience Level
Full TimeJob Type
UnknownVisa
Healthcare, Medical TechnologyIndustries
Requirements
- Bachelor's Degree in Computer Science or “STEM” Majors (Science, Technology, Engineering)
- Deep product knowledge to ensure clinical functionality, expected operating environment, and interoperability for accurate privacy and security risk determination
- Experience as a cybersecurity focal point for secure product development and maintenance
Responsibilities
- Provide privacy and security technical expertise in support of the product team throughout product development, design change, and life-cycle management
- Work with the Product Security Leader (PSL) to support the product team with process expertise for the GEHC-GE Healthcare Product Cybersecurity Standard and life-cycle management
- Assess the privacy and cybersecurity state of the product and define product roadmap features/enhancements with stakeholder approval
- Responsible for security architecture and coordination of product development for cybersecurity features and enhancements
- Assess product components and SBoM integrated into the product
- Perform defect management for cybersecurity issues
- Identify operational responsibilities and adherence to cloud standards for cloud-based products
- Responsible for Product and Security Manual and MDS2 documentation
- Own and deliver GEHC Product Cybersecurity Standard artifacts, including design input activities to identify, evaluate, roadmap, and drive cybersecurity and privacy features and enhancements
- Create Design Engineering Privacy and Security (DEPS) artifacts for privacy and security risk assessments, engaging in domain-specific product threat modelling, attack surface analysis, risk management and reduction
- Coordinate with the PSL to support the product team in scheduling and performing vulnerability scans and cybersecurity assessments
- Lead product Security Technical Design Reviews
- Along with the product LSD-Lead System Designer, ensure GEHC Product Cybersecurity Standard compliance and other pertinent standards and processes
- Ensure released products comply with required regulatory standards & compliance (e.g., FDA, HIPAA, GDPR)
- Participate in post-market product vulnerability monitoring
- Participate as a Subject Matter Expert to determine product vulnerability impact, investigation, and risk assessment
- Responsible for product vulnerability mitigation and design change
- Responsible for GEHC vulnerability tool update to ensure accurate customer communication
- Address customer and Sales RFP privacy and security feedback/questions
- Provide technical expertise on customer concerns, complaints, and CSO escalations
- Create/maintain responsible product records within GEHC product cybersecurity tools
- Responsible for data movement reviews, data collection and analysis, and identification of anomalous patterns of data
- Support in the detection, design, and testing analytic frameworks, processes, procedures and controls
- Assist in the planning, preparing, and hunting for cyber incidents stemming from internal and external threat actors
Skills
Cybersecurity
Privacy
Product Security
Security Architecture
Data Analysis
Threat Hunting
SBOM
Secure Product Development
Risk Assessment
GE Healthcare
Healthcare technology and data analytics provider
About GE Healthcare
GE Healthcare provides a range of healthcare technologies and services aimed at improving patient care. Its main products include imaging systems, mobile diagnostic devices, patient monitoring solutions, and advanced software for data analysis. These products help medical professionals make informed decisions and enhance the efficiency of healthcare delivery. Unlike many competitors, GE Healthcare invests significantly in research and development, allocating $1 billion each year to innovate and enhance its offerings. The company’s goal is to support healthcare providers in delivering better patient outcomes, as evidenced by its technology supporting over 300,000 patients daily and managing 2 billion patient scans each year.
Chicago, IllinoisHeadquarters
1892Year Founded
N/ACompany Stage
Data & Analytics, HealthcareIndustries
10,001+Employees
Risks
Emerging AR technologies increase competition in medical imaging.
Regulatory challenges may delay AI application expansions in healthcare.
Dependence on clinical trial success for new product market positioning.
Differentiation
GE Healthcare invests $1 billion annually in R&D for product innovation.
The company supports over 300,000 patients daily with its healthcare technologies.
GE Healthcare's AIR Recon DL offers 3D motion-insensitive imaging for enhanced MRI quality.
Upsides
Acquisition of Caption Health expands AI-powered ultrasound capabilities.
Successful Phase III trial of [18F]flurpiridaz enhances coronary artery disease detection.
Collaboration with Wayra accelerates digital health innovation in EMEA.
Related Jobs
RemoteRemoteSecurity Architect
EarnestSalary not specified
- Full Time
- Expert & Leadership (9+ years)
RemoteSecurity Engineer, Product Security
Chainlink LabsSalary not specified
- Full Time
- Mid-level (3 to 4 years), Senior (5 to 8 years)
RemoteProduct Video Producer, Creative Lead
CalendlySalary not specified
- Full Time
- Senior (5 to 8 years)
RemoteCompliance Engineer
Flock Safety$176,000 - $220,000/year
- Full Time
- Senior (5 to 8 years)
RemoteSecurity Governance Risk & Compliance (GRC) Analyst
Virtru$130,000 - $180,000/year
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteProduct Engineer - Data Stack - Data Modeling
PostHogSalary not specified
- Full Time
- Junior (1 to 2 years)
RemoteAdvisory Solution Consultant – Healthcare
SailPointSalary not specified
- Full Time
- Mid-level (3 to 4 years), Senior (5 to 8 years)