Job Description Summary
Gas Power is seeking a motivated Software Security Engineer to ensure that our applications are securely architected and released with software of the highest quality, free from defects or known vulnerabilities.
Essential Responsibilities :
Working as part of an agile and cross-functional team, the role will lead engagements to review application architectures, code and system services from a security perspective. The successful candidate will have a passion for engineering safe and resilient applications, strong analytical and problem-solving skills and demonstrated experience coordinating multiple projects or tasks in an effective and efficient manner. As part of the GE Cybersecurity team, a curiosity to learn combined with a builder-attitude will be critical in our mission to address evolving threats and protect company information and resources.
As the Sr Cyber Security Architect you will :
* Work in active partnership with program application leads and stakeholders to architect solutions using tools and services aligned to standards and secure design patterns.
* Evangelize secure design principles and best practices throughout the Secure Software Development Lifecycle (SSDLC).
* Develop and interpret security policies, standards and patterns.
* Develop training material and perform general security awareness training to application teams based on known vulnerability or defect data.
* Support the engineering and deployment of secure technology solutions that promote adoption of secure DevOps and Cloud practices (IaaS, PaaS & SaaS).
* Onboard applications and promote usage of SAST/DAST/SCA tools for quality assurance.
* Participate in code reviews across teams to ensure secure coding practices.
* Write software and script automation functions as required
* Lead projects to drive the assessment, operationalization and adoption of new technologies, platforms and tools.
* Knowledge of IT service management and cybersecurity processes including change management, incident management, configuration management, threat and vulnerability management.
* Bachelor's Degree in Information Systems (IS), Information Technology (IT), Computer Science or Engineering from an accredited college or university
* Minimum 5 Years of experience with Object Oriented or programming languages (Java, C++, Python etc.)
* Minimum 1 Year of experience with *Nix operating systems (Linux, UNIX, BSD, etc)
* Minimum 1 Year of experience with Cloud technologies (AWS or Azure)
Desired Characteristics :
* Ability to handle multiple engagements and prioritize workload.
* Self-starter eager to learn with strong analytical and problem-solving skills.
* Strong oral and written communication skills.
* Knowledge of IT and Cybersecurity frameworks, such as NIST or CIS.Secure Software Development Lifecycle (SSDLC) and automated testing experience (TDD/BDD).
* Experience with development tools and integrated build systems (Eclipse, Jenkins, Maven, etc).
* Knowledge of encryption fundamentals: PKI, Digital Signatures and Key Management.
* Working knowledge of Cloud provider security architecture design patterns.
* Knowledge of API security architecture and technologies.
* Knowledge of OWASP Web/API vulnerabilities and compensating controls (CSRF, XSS, SQLI, etc).Experience writing Unit tests and using CI system to automate builds.
* Experience with SAST, DAST, SCA, WAF
Additional Eligibility Qualifications :
GE will only employ those who are legally authorized to work in the United States for this opening.
GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.
GE will only employ those who are legally authorized to work in the United States for this opening. Any offer of employment is conditioned upon the successful completion of a drug screen (as applicable).
Relocation Assistance Provided: No