Sr Risk Analyst – Application Security Focus

Job description

3415083
Additional Cities

Wauwatosa or Chicago or remote
Career Level

Experienced
Relocation Assistance

No
Business

GE Healthcare
Business Segment

Healthcare Digital Technology
Function

Digital Technology
Country/Territory

United States
Additional States/Provinces

Illinois, Wisconsin
Postal Code

53226-4856
Role Summary/Purpose

Responsible for leading, designing, developing and implementing assessments and automated solutions to enhance the application security program for GE Healthcare. This role requires developed and strong foundational skills and knowledge of relevant technologies in the development and application security assessment space. You will be a member of an integrated team working to deliver successful outcomes around automation, risk & compliance and application vulnerability analysis.
Essential Responsibilities

·  Participate in security assessments, threat modeling, security design reviews and security architecture

·  Perform security reviews of application designs, source code and deployments as required, covering all types of applications (web application, web services, mobile applications, thick client applications, cloud, etc.)

·  Providing guidance and articulating technical security expertise to application owners

·  Create innovative tools, frameworks, and tests that check for and prevent common security bugs

·  Enforce secure development standards and requirements

·  Utilize SAST/DAST and other assessment technologies to identify and validate security vulnerabilities

·  Perform periodic security audits and various tasks to ensure compliance

·  Implement innovative tools, solutions, and processes that enable the enterprise application security program to scale and succeed

·  Develop and maintain meaningful risk metrics that communicate program status effectively
Qualifications/Requirements

·  Bachelor’s Degree in Computer Science or in “STEM” Majors (Science, Technology, Engineering and Math) or Information Technology

·  A minimum of 5 years of professional experience

·  Must be willing to travel up to 10%

·  Must be willing to work out of an office located in Wauwatosa, WI, or Chicago, IL
Desired Characteristics

·  Minimum of 2 years of experience assessing infrastructure & applications for weaknesses

·  Familiar with industry regulations (SOX, GDPR, Export Control)

·  Experience using Scripting (Java, Go, Python or Ruby) a plus

·  Familiar with Splunk, SiSense, Tableau, and ServiceNow a plus

·  Knowledge of or experience in Agile methodology and concepts

·  Industry-recognized security certification, such as CISA, CISM, CISSP, etc., a plus

·  Comfortable and effective working in areas that require rapid problem solving – continuous learner

·  Strong oral and written communication skills – able to communicate appropriately to technical and management audience

·  In-depth experience identifying and protecting against web application and web service security vulnerabilities including those found in the OWASP Top 10 and CWE Top 25.

·  Knowledge of several different threat modeling methodologies and tools.

·  Strong experience identifying and mitigating vulnerabilities at the the web presentation layer

·  Understand how to identify, exploit, and remediate common application vulnerabilities through use of tools and code review

·  Development experience in several of languages: Java, Javascript, .NET, Phyton etc

·  Strong knowledge of web application vulnerabilities, exploits, and remediation techniques

·  Strong knowledge of secure development and secure architecture

·  Should have experience in security aspects of multiple platforms, operating systems, software, communications, and network protocols.

·  Direct experience with application security assessment technologies

·  Passionate about information security
About Us

GE (NYSE:GE) drives the world forward by tackling its biggest challenges. By combining world-class engineering with software and analytics, GE helps the world work more efficiently, reliably, and safely. GE people are global, diverse and dedicated, operating with the highest integrity and passion to fulfill GE’s mission and deliver for our customers. www.ge.com
GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is anEqual Opportunity Employer . Employment decisions are made without regard to race, color, religion, national or ethnic origin, gender (including pregnancy), sexual orientation, gender identity or expression, age, disability, veteran status or any other characteristics protected by law.
Additional Eligibility Qualifications

GE will only employ those who are legally authorized to work in the United States for this opening. Any offer of employment is conditioned upon the successful completion of a drug screen (as applicable).
Primary Country

United States
Primary State/Province

Wisconsin
Primary City

Wauwatosa