Roles and Responsibilities
In this role, you will:
You are a skilled Analyst who enjoys security work and is an expert in systems security, applications security, identity management. In this role, you will be integrating with our stakeholders and formulating IAM solutions.
In this role, you will:
- Provide guidance to Product Development teams across the whole Secure Development Lifecycle (SDL) on security techniques, interpreting requirements, assessing and assisting in software security reviews, secure development, verification, and deployment
- Provide subject matter expertise on secure coding/verification and practices.
- Support interpretation of vulnerabilities identified utilizing enterprise tools and provide recommended remediation steps to developers
- Technically contribute to key SDL activities (e.g. Threat modeling, Code scanning, Vulnerability assessments etc.) on most critical products
- Work with Engineering teams to ensure risks are promptly identified as well as relevant solutions
- Devise and drive adoption of security tools and techniques as part of the SDL process, in collaboration with other teams
- Provide security and compliance requirements for software development projects.
- Document processes and procedures related to the secure development of software, cloud-based and mobile solutions.
- Support high priority projects to clarify and track identified security risks
- Support documentation of design patterns/recipes for common security requirements
- Ensure that issues identified are appropriately prioritized and addressed in future product releases
- Have a complete understanding of the various system inter dependencies and limitations
- Evaluate and recommend new and emerging security products and technologies
- Bachelor's Degree in Computer Science, Engineering or other relevant technical / IT field, OR a minimum 5 years of relevant Technical/Software/Firmware Development field
- Software development experience with modern enterprise software development frameworks (.NET, Java, C++, NodeJS, Angular, etc.) in Agile environments
- Deep understanding of software development life cycle and CI/CD processes
- Experience with secure development of mobile apps (IOS and Android)
- Experience with cloud services platform (AWS, Azure etc.)
- Exposure to securing IIOT environments
- Experience of application security and vulnerability management for software applications including deployment on desktop, mobile, and cloud environments
- Experience with main security testing tools (Nessus, ZAP, TMT, or equivalent)
- Working knowledge of application technologies and platforms, including web applications and services
- Excellent understanding of software design architecture and frameworks, application layer risks, attacks security principles and application security frameworks, such as OWASP
- Experience with secure architectures, identity and access management protocols (OAuth 2.0 etc.), application security, encryption technologies, database and web technologies
- Good teamwork and communication skills (both written and verbal)
- Highest level of integrity and professionalism
- Experience with Baker Hughes product lines and solutions
- Knowledge of relevant industry standards and best practices (OWASP, NIST CSF, BSIMM)
- Willing to stay updated and be hands-on in technical and fast-evolving technology areas
- Good software skills on at least one of Python, Java, Ruby, Shell scripting, Android, iOS.
- Ability to work well in a dynamic fast-paced team environment, building credibility
- Ability to think "outside the box" when developing solutions and creating value
- Resourceful and quick learner; able to efficiently seek out, learn, & apply new areas of expertise as needed
- Contribute to and lead discussions and communications within the team and outside, including customers and other business units
Baker Hughes Company is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.