1+ months

Software Security Leader

GE Energy
Other India In
Role Summary:The Software Security Leader is a key, dynamic role requiring a deep knowledge of programming, security, and secure software development practices. This leader will partner with existing development teams to build secure software modeling data flows and threats, reviewing user stories, participating in code reviews, and guiding engineers to code new functionality or fix vulnerabilities in existing projects

Essential Responsibilities:The Software Security Leader will Define and govern company-level policies and practical guidelines Create best practices and sound design principles through the Secure Software Development Lifecycle, and drive adoption globally by fostering evangelists and champions Collaborate with and influence software development managers and help guide and support their teams during the design phase to build secure systems. Participate in complex software development projects as a secure development expert. Adapt to widely varied build and implementation environments, from embedded controllers to SaaS Lead projects to drive the assessment, operationalization and adoption of new technologies, platforms and tools. Scale automation and drive operational efficiency and accuracy

Qualifications/Requirements:Bachelor's Degree in Software Engineering, Computer Science or other STEM disciplines from an accredited college or university or the equivalent military or professional experience. Masters Degree preferred Strong experience particularly with SCADA & Industrial Control Systems; optimally from the energy related industry. (ICS)Experience with product application and/or systems security or knowledge of the real-time design of industrial control systems.5 years experience with Object Oriented languages (Java, C++, C#, etc.), web technologies (JavaScript, REST, relational databases), RTOS or Unix-like operating systems (e.g. Linux, QNX, VxWorks) & cloud technologies (e.g. AWS, Azure, OpenStack, hypervisors, etc.) Familiarity with static and dynamic analysis, fuzzing, and regression testing tools and tactics.

CSSLP, CEH, GICSP, CISSP, CCSP/K, or equivalent security certifications strongly preferred.

Desired Characteristics:Working knowledge of OWASP Web / API vulnerabilities and compensating controls (CSRF, XSS, SQLI, etc.). Familiarity with cyber kill chain and software-based attacks, including injection, buffer and stack manipulation (ROP chains), side-channel cache manipulation, etc Knowledge of API Security Architecture, and technologies (OAuth2, Spring Security, HMAC, WS-Security, WS-Trust, or XACML). Awareness of various technical and architectural defenses (DEP, ASLR, etc.)

Working knowledge of Cloud Provider security architecture design patterns (AWS, CloudFoundry, Azure) Familiarity with encryption fundamentals: PKI, Encryption, Digital Signatures & Key Management

Excellent knowledge with development tools and integrated build systems: Eclipse IDE, Jenkins/Hudson, Maven Software development cycle and automated testing experience (TDD/BDD/Agile). Familiarity with code coverage tools and techniques (Coverity, Checkmarx, GrammaTech, VeraCode, etc.) Embedded Systems design and implementation experience a plus Experience developing REST APIs, and/or experience with NOSQL databases Experience writing unit tests; quality management training a plus (TQM, Six Sigma, etc.) Experience using a CI system to automate builds Working knowledge of source control tools such as CVS/SVN/git, with preference for git Strong hands-on debugging/troubleshooting expertise (be prepared to give war stories)Experience performing design and code reviews.

About Us:GE (NYSE:GE) drives the world forward by tackling its biggest challenges. By combining world-class engineering with software and analytics, GE helps the world work more efficiently, reliably, and safely. GE people are global, diverse and dedicated, operating with the highest integrity and passion to fulfill GEs mission and deliver for our customers. www.ge.comAdditional Locations:Hungary, India, Spain;Other India IN;

Categories

Posted: 2020-04-21 Expires: 2020-06-19

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Software Security Leader

GE Energy
Other India In

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast