Sr. Staff Product Security Engineer at GE Healthcare

Bellevue, Washington, United States

Compensation: Not Specified
Experience Level: Senior (5 to 8 years), Expert & Leadership (9+ years)
Job Type: Full Time
Visa: Unknown
Industries: Healthcare, Technology

Requirements

  • Bachelor's Degree in Computer Science or STEM Majors (Science, Technology, Engineering and Math) with minimum 8 years of experience (for USA roles)
  • Experience with cyber security frameworks (NIST 800-53, ISO 27001, IEC 62443, etc.) implementation and governance
  • Program and Project Management experience; expertise with Agile development teams
  • Knowledge of CI/CD and automation tools (Chef, Git, Jenkins)
  • Knowledge of Identity management and identity federation (SAML, OAuth, SCIM, XACML)
  • Experience in developing web services (SOAP/REST)
  • Must be available on call for potential security response
  • Knowledge of application risk identification and evaluation techniques
  • Knowledge of Cyber Security and full knowledge of multiple related engineering functions
  • Experience securing applications within cloud platforms such as AWS, Azure, and the like
  • Experience with a broad set of information security technologies and processes within a SaaS, IaaS, PaaS, or cloud environment

Responsibilities

  • Drive tailored SDL (Secure Development Lifecycle) practice into specific engineering
  • Create and track meaningful metrics around product cyber risk and compensating controls
  • Consult and architect on security requirements and utilize best practices to meet them
  • Engage in application and domain-specific threat modeling and attack surface analysis/reduction
  • Work with all scrum teams for security-focused design
  • Identify and ensure resolution of possible technical implications of each release
  • Maintain a backlog of security-related tools that will improve the maintainability and security of our code and the pace of development
  • Help prepare reports at appropriate levels of confidentiality for stakeholders to view
  • Respond promptly and in detail to customer-sponsored penetration tests
  • Promote standards through workshops, knowledge shares, and code walk-throughs
  • Promote best practices and design patterns
  • Provide guidance on automated testing tools and techniques
  • Hunt, detect, and respond to digital security threats
  • Demonstrate technical leadership abilities and strong comprehension of malware, emerging threats, and calculating risk
  • Collaborate with product managers and developers to drive the successful adoption of innovative methods in developing secure applications

Skills

Key technologies and capabilities for this role

SDL, Threat Modeling, Attack Surface Analysis, NIST 800-53, ISO 27001, IEC 62443, Penetration Testing, Cybersecurity Frameworks, Product Security, Scrum, Automated Testing, Code Review

Questions & Answers

Common questions about this position

What is the salary range for this position?

For U.S. based positions, the pay range is $156,400.00-$234,600.00 annually.

Is this a remote position or does it require office work?

This information is not specified in the job description.

What are the required skills for this Sr. Staff Product Security Engineer role?

Key required skills include experience with cyber security frameworks like NIST 800-53 and ISO 27001, knowledge of CI/CD tools such as Chef, Git, and Jenkins, identity management (SAML, OAuth), web services (SOAP/REST), and securing cloud platforms like AWS and Azure.

What is the company culture or work environment like for this role?

The role involves collaborating with product managers, developers, and scrum teams, promoting standards through workshops and knowledge shares, and working in an Agile environment with a focus on security innovation.

What education and experience are needed to be a strong candidate?

A Bachelor's Degree in Computer Science or STEM majors is required with a minimum of 8 years of experience for U.S. roles; strong candidates will have expertise in cybersecurity frameworks, Agile project management, and cloud security.

GE Healthcare

Healthcare technology and data analytics provider

About GE Healthcare

GE Healthcare provides a range of healthcare technologies and services aimed at improving patient care. Its main products include imaging systems, mobile diagnostic devices, patient monitoring solutions, and advanced software for data analysis. These products help medical professionals make informed decisions and enhance the efficiency of healthcare delivery. Unlike many competitors, GE Healthcare invests significantly in research and development, allocating $1 billion each year to innovate and enhance its offerings. The company’s goal is to support healthcare providers in delivering better patient outcomes, as evidenced by its technology supporting over 300,000 patients daily and managing 2 billion patient scans each year.

Headquarters: Chicago, Illinois
Year Founded: 1892
Company Stage: N/A
Industries: Data & Analytics, Healthcare
Employees: 10,001+

Risks

Emerging AR technologies increase competition in medical imaging.
Regulatory challenges may delay AI application expansions in healthcare.
Dependence on clinical trial success for new product market positioning.

Differentiation

GE Healthcare invests $1 billion annually in R&D for product innovation.
The company supports over 300,000 patients daily with its healthcare technologies.
GE Healthcare's AIR Recon DL offers 3D motion-insensitive imaging for enhanced MRI quality.

Upsides

Acquisition of Caption Health expands AI-powered ultrasound capabilities.
Successful Phase III trial of [18F]flurpiridaz enhances coronary artery disease detection.
Collaboration with Wayra accelerates digital health innovation in EMEA.
