Company: Baker Hughes, a GE Company
Skills: IT - Analysis & Management, Security, Architect
Experience: 8 + Years
Education: High School/Secondary
Employment Type: Full Time Salaried Employee
Location: Sugar Land, Texas, United States
No location/work authorization restrictions found.


Role Summary/Purpose

The Senior Staff Cyber Security Architect for Application Security works on highly complex projects that require in-depth domain knowledge in all dimensions of application security. Candidate is responsible for driving the architect, build out, and implementation efforts related to application development & automation, as well as interacting with functional leaders to support these technical initiatives.

Essential Responsibilities

In the role of Senior Staff Cyber Security Architect - Application Security, you will:
  • Plan and execute application & cloud security solutions across the lifecycle - design, implementation and operations
  • Implement application security controls, support delivery teams and staff, and guide application development team members
  • Support security strategy plans and roadmaps based on secure development best practices and provide guidance and hands-on experience to project teams in design, development, and maintenance of security solutions including cloud
  • Integrate security scanning tools as part of DevSecOps
  • Design and implement security tools for production application protection
  • Support security automation tools to improve efficiency and productivity for application development teams
  • Develop scripts and integrating the SAST & DAST tools in to the Enterprise CI/CD platform
  • Define Threat Models and implementing RASP with production applications to be migrated to the cloud
  • Participate in penetration testing & security compliance activities
  • Perform as an advisor when reviewing application design and security posture
  • Analyze the Open Source scan results and validate creation of the Full Open Source Software Bill of Materials (BoM)
  • Perform technical analysis of the BoM regarding license conflicts and other technical license compliance issues, and determination of possible mitigation options, with instructions to developers
  • Create a security vulnerability report for the BoM components
  • Create file level license documentation, containing copyright statements during the analysis
  • Work with Legal on the identified copyright infringement issues and act as a liaison between Legal and Application teams
  • Develop and maintain documentation on standards, open source policies (on tool), play book and training documents

Qualifications/Requirements
  • Minimum 8 years of overall technology experience such as Java, .Net, C# and other web technologies, including Open Source
  • Minimum 3 years of hands-on technical experience on application development & security
  • Minimum 2 years in a technical or functional lead role

Eligibility Requirements
  • Travel 15% of the time, as required

Desired Characteristics
  • Awareness of standards such as ISO 27001, ISO 27018, NIST 800-53, PCI DSS, SOC2, HIPAA, PCI, SOX, GLBA, etc.
  • Information security certifications (CISSP, CISM, CISA, etc.)
  • Proven track record of setting targets, executing to plan, and delivering results.
  • Knowledge of risk management frameworks (ISO, NIST, etc.)
  • Prior experience in IT operations and support
  • Self-starter, identifies opportunities for improvement and implements positive change
  • Project management/advisory experience
  • Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one
  • Strong interpersonal skills, with an emphasis on the ability to effectively influence others
  • A team-focused mentality with the proven ability to work effectively with diverse stakeholders
  • An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily-understood, authoritative, and actionable manner

Location
  • Sugar Land, TX 77478

This is your opportunity to learn more, do more, live the career you have imagined and be part of a truly diverse organization.

Baker Hughes, a GE company is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law. Learn more