Company: Baker Hughes Skills: IT - Analysis & Management Education: Bachelors/3-5 yr Degree Location: Houston, Texas, United States
At Baker Hughes, we are building a Talent Community of highly talented and motivated professionals for future job roles. If you match the described job role and are as excited as we are to have you on-board in the future, please hit the apply button to be a part of our Talent Community.
As a member of our talent community, you will be amongst the first to get exclusive news about Baker Hughes, various cool projects we are working on, our employee success stories and new job opportunities you may be interested in.
As a Cyber Security Engineer, you will be requiring knowledge of security, and secure software development practices. You will partner with existing development teams to build secure software on cloud or on-perm infra. You will part of team who is responsible for deploying application, maintaining, running the operation with 99.17 uptime and highest security levels. The Cyber Security Engineer is responsible for managing 24X7 support working with peers
As a Cyber Security Engineer, you will be responsible for:
Managing and building best practices/select tools for shared security libraries, images, containers. You will automate the deployments and security processes.
Participating in designing and deploying application in customer hosted cloud infrastructure. Being responsible for assisting customer and deployment team for implementing cybersecurity guidelines implementation for application hosted in Customer cloud.
Being able to scope and participate in software penetration tests, vulnerability identification and vulnerability risk assessment & Defining framework and processes for Cyber security for application hosted in Baker infrastructure
Engaging in incident response methods lead incident response processes related to product cyber. Create and track meaningful metrics around product cyber risk and compensating controls for the infra and application.
Defining tools and processes needed for maintaining the security of the applications in consolation with Product Architecture team and Baker IT security team.
Creating vulnerability and incident trend analysis to improve infrastructure & Maintain cyber Bills of Material and conduct proactive vulnerability monitoring and assessment on cyber components
Engaging in application and domain-specific threat modeling and attack surface analysis/reduction. Helping prepare reports at appropriate levels of confidentiality for stakeholders to view
Working with Architects, researchers, and in-house researchers to identify, rate, report and manage product vulnerabilities and incidents
Acting as owner of selecting and maintaining cyber security/cloud operations tools, assessing risk/patch needs of tools/software components used in applications as well for operations.
Responding promptly and in detail to customer-sponsored penetration tests and customer queries and issues reported. Making system/images templates/containers available which are hardened and VAPT tested.
Fuel your passion, To be successful in this role you will:
Have bachelor's in Engineering (Science, Technology, Engineering and Math) with a minimum 4 yrs. of professional experience. Having Cybersecurity certification will be preferred
Have experience with cyber security framework (NIST 800-53, ISO 27001, IEC 62443, etc.) implementation and governance
Have 3+ yrs. experience in implementing security processes including tools/techniques for Cloud hosted applications.
Have experience with penetration testing and ethical hacking (for application and Infra). Knowledge of Identity management and identity federation (SAML, Oauth, SCIM, XACML).
Be available for on call for potential security response and for solution design discussions & have Knowledge of application risk identification and evaluation techniques
Have experience securing applications within cloud platforms such as AWS, Azure, GCP. Have experience with implementing security tools like SIEM (central platform) and SOC operations.
Have experience with broad set of information security technologies and processes within a SaaS, IaaS, PaaS, or cloud environment. Security implementation experience with IIOT based application is preferred
Have knowledge of Application & Infrastructure Monitoring Tools like Prometheus, Grafana, Kibana, New Relic, Nagios. Working experience of various IPS/IDS, WAF, Threat Detection system implementations, SIEM
Have good working experience in data encryption technologies & familiarity with encryption fundamentals: PKI, Encryption, Digital Signatures & Key Management
Have SDLC and automated testing experience (TDD/BDD) along with knowledge of source control tools such as CVS/SVN /Git , with preference for Git
*Please remember that joining the Talent Community is not an application for any specific job at Baker Hughes but to have the privilege of being considered for an opportunity that suits your profile on priority.
As part of our commitment to the health and safety of our employees, customers and the communities in which we operate, this role requires full vaccination for COVID-19 prior to beginning work.About Us: With operations in over 120 countries, we provide better solutions for our customers and richer opportunities for our people. As a leading partner to the energy industry, we're committed to achieving net-zero carbon emissions by 2050 and we're always looking for the right people to help us get there. People who are as passionate as we are about making energy safer, cleaner and more efficient.
Join Us: Are you seeking an opportunity to make a real difference in a company that values innovation and progress? Join us and become part of a team of people who will challenge and inspire you! Let's come together and take energy forward.
Baker Hughes Company is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.