Vacancy caducado!
Roles and Responsibilities
- Act as a security technical lead for Baker Hughes product development programs.
- You will provide guidance to Product Development teams across the whole Secure Development Lifecycle (SDL), conveying risk management culture, assisting in software security design reviews, verification, and deployment.
- Technically contribute to key SDL activities (e.g. Threat modeling, Static/Dynamic Analysis Security assessments, Pen testing etc.) on most critical products and architectural frameworks
- Collaborate with relevant teams to drive adoption of existing technologies, approaches, tools, methodologies to support secure design new products, systems or processes. Viewed internally and externally as a specialist in the discipline.
- Provide subject matter expertise on secure coding/verification and practices.
- Work with Engineering teams to ensure risks are promptly identified as well as relevant remediation plans
- Support high priority projects to clarify and respond to identified security risks
- Presents projects plans, technical roadmaps, risks and recommendations to business teams and leaders within technical space
- Communicates solutions across the own function and with cross-functional partner organizations.
- Bachelor's Degree in Computer Science, Engineering or other relevant technical / IT field, OR a minimum 9 years of relevant Technical/Engineering/Software Development field
- Experience of application security and vulnerability management in secure deployment on mobile devices and cloud environments
- Experience with main security design/testing tools (Nessus, Burp, TMT, or equivalent)
- Software development experience with modern frameworks such as .NET, Java, C, NodeJS, etc.
- Experience with securing mobile apps (IOS and Android)
- Experience with cloud services platform (AWS, Azure etc.)
- Experience with securing IIOT environments
- Working knowledge of application technologies and platforms, including web applications and services
- Deep understanding of software development life cycle and CI/CD processes
- Excellent understanding of software design architectures and frameworks, application layer risks, attacks security principles and techniques, and frameworks such as OWASP
- Experience with secure end to end architectures, PKI cloud based solutions, identity and access management protocols (OAuth 2.0 etc.), application security, encryption technologies, database and web technologies
- Good teamwork and communication skills (both written and verbal) with all levels of an organization
- Highest level of integrity and professionalism
- Experience with Baker Hughes product lines and solutions
- Knowledge of relevant industry standards and best practices (OWASP, NIST CSF, BSIMM)
- Willing to stay updated and be hands-on in technical and fast-evolving technology areas
- Knowledge of secure application development techniques, security threats and mitigations
- Knowledge of mobile technologies security threats and mitigations
- Pen testing, Cloud security, mobile security certifications (e.g. OSCP, CCSP etc.)
- Exposure to Industrial Control Systems security
- Ability to work well in a dynamic fast-paced team environment, building credibility
- Ability to think "outside the box" when developing solutions and creating value
- Resourceful and quick learner; able to efficiently seek out, learn, & apply new areas of expertise as needed
Vacancy caducado!