Staff Cyber Security Architect
GEGE Aerospace and GE Vernova will step toward the future of energy and flight, ready to empower the next generation of innovators and future of GE.
Job Description SummaryAre you excited to join a growing team of Cyber security architects supporting our commercial Digital Products? In this role, you will team up with development teams to design security into the product, assess posture of their existing products, and advise/track their mitigation efforts.
This is an excellent opportunity for a self-starter who is results oriented and enjoys solving challenges to secure GE Aerospace intellectual property and customer data.
Ensure security is designed and integrated into digital products deployed on Azure or on-premise.
Function as a cybersecurity leader in daily sprints, stand ups and provide ownership for all aspects of cybersecurity lifecycle in the product release.
Collaborate and partner with product and engineering partners like managers, architects, and developers in the roadmap planning, prioritization, and implementation.
Provide Azure security leadership and domain expertise.
Expert guidance on Application secure development life cycle.
Perform threat modeling and architecture risk analysis.
Lead secure code reviews, vulnerability analysis and remediation tracking.
Provide incident handling support for security related incidents.
Influence developers to write secure code and implement secure engineering practices.
Validate and attest security control effectiveness in assigned digital products.
Bachelor’s degree from an accredited university or college with minimum of 8 years of professional experience
Minimum 7 years of professional experience in Cyber Security Architecture
Must be willing to travel up to 10%.
CISSP or equivalent certification
Highly skilled security architect who enjoys security work and collaborating with product managers and developers to drive the successful adoption of innovative methods in developing secure Azure solutions.
Working knowledge of OWASP Web/API vulnerabilities (CSRF, XSS, SQLI, etc.) and compensating controls.
Knowledge of Web/API security architecture common authentication and authorization technologies (OIDC, OAuth2, Spring Security, HMAC, WS-Security, WS-Trust).
Proficiency in at least one high level programming language (e.g. Java, Node.JS, Python, C/C++, .Net).
Solid understanding of applied cryptography fundamentals (Encryption, Authentication, Symmetric Cryptography, Asymmetric Cryptography etc.).
Good understanding on privacy standards like PII, GDPR, CCPA etc.
Familiar with at least one Infrastructure as Code (IaC) scripting language (ARM, Terraform, PowerShell, CloudFormation).
Familiar with Controls frameworks and procedures (NIST800-53, ISO 27001, Soc2 Type2, CMMC etc.).
Familiar with governance, risk and compliance functions within a cyber security program.
Familiar with threat and incident management functions within a cyber security program.
Humble: respectful, receptive, agile, eager to learn
Transparent: shares critical information, speaks with candor, contributes constructively
Focused: quick learner, strategically prioritizes work, committed
Leadership ability: strong communicator, decision-maker, collaborative
Problem solver: analytical-minded, challenges existing processes, critical thinker
About Us :
GE is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.
Disclosure of your Gender or Sexual orientation is completely Voluntary and not mandatory.
Relocation Assistance Provided: No
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile APIs Azure C CCPA CISSP CMMC Compliance Cryptography CSRF Encryption GDPR Governance HMAC ISO 27001 Java Node.js OWASP PowerShell Privacy Python Risk analysis Scripting SOC 2 Terraform Vulnerabilities XSS
Perks/benefits: Relocation support
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Senior Information Security Analyst jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Information Security Officer jobs
- Open Security Operations Engineer jobs
- Open Analyste CERT / Incident Responder junior (H/F) jobs
- Open Ingénieur DevSecops H/F jobs
- Open Staff Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Security Architect jobs
- Open Chief Information Security Officer jobs
- Open Analyste CERT / Incident Responder senior (H/F) jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Security Analyst jobs
- Open o365 Security Architect jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Staff Product Security Engineer jobs
- Open Electronic Warfare Advanced Tactical Trainer jobs
- Open Security Researcher jobs
- Open Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open SOC-related jobs
- Open GCP-related jobs
- Open Risk assessment-related jobs
- Open Governance-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Analytics-related jobs
- Open CISM-related jobs
- Open IAM-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Kubernetes-related jobs
- Open Forensics-related jobs
- Open DoD-related jobs
- Open APIs-related jobs
- Open Splunk-related jobs
- Open EDR-related jobs