Company: Baker Hughes
Skills: Security
Experience: 6 + Years
Education: Masters Degree
Location: Houston, Texas, United States


Role Summary

The Staff Product Security Analyst will be working on Baker Hughes (BH) Third Party Suppliers program, in support of company strategic cyber security programs and while ensuring compliance with applicable standards and regulatory requirements.
The ideal candidate has consolidated experience on Security Risk Management in complex engineering and industrial environments, and in performing suppliers/vendors' security risk assessment.

Roles and Responsibilities

In this role, you will:
  • Ensure suppliers comply with BH security policies
  • Lead / perform security risk assessments of third party suppliers
  • Coordinate with offshore resources to ensure assessments are properly and timely performed
  • Track supplier assessment results until closure
  • Identify high risk suppliers based on BH priorities & policies
  • Identify areas of technical and process improvements, such as review of third party security requirements, and interaction with relevant company functions
  • Maintain a timely communication with Supplier, Business, and Sourcing references
  • Identify and deliver appropriate metrics to drive supplier security program and reporting based on business risk


Required Qualifications
  • Bachelor's Degree in Computer Engineering or in a STEM field (Science, Technology, Engineering, Math) from an accredited college or university
  • Minimum 6 years IT experience
  • Minimum 4 years experience in Risk Assessment roles using industry frameworks and standards, especially ISO27001/2 and NIST CSF
  • Experience with vendor assessment platforms (such as RSAM, Unity etc.)
  • Experience with Security Rating platforms (such as Scorecard, RiskRecon etc.)
  • Very good written and verbal communication skills
  • Accountability and sense of urgency traits
  • Experience working in direct and/or matrix-reporting global teams


Desired Characteristics
  • Master's Degree in a STEM field (Science, Technology, Engineering, Math) from an accredited college or university
  • Experience with secure development lifecycle principles, network architectures, identity and access management principles, application security, cloud security, encryption technologies, database, web technologies
  • Demonstrated experience supporting global programs across technology and business functions and managing contractors
  • CISA or equivalent certifications


Baker Hughes Company is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.