Application Security

GE Digital
Digital Information Technology & Digital Thread
GE is the world’s Digital Industrial Company, transforming industry with software-defined machines and solutions that are connected, responsive and predictive. Through our people, leadership development, services, technology and scale, GE delivers better outcomes for global customers by speaking the language of industry.
GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.
Application Security / DevOps
Information Technology
United States
Van Buren Township
In this role, the DevSecOps Engineer will apply depth of expertise in IT security to contemporary design and development to effectively secure and protect GE’s application portfolio. You will be a member of an integrated squad working together to deliver successful outcomes on the GE Predix platform
  • Function as cyber security leader and automation engineer in daily Sprint stand up, and provide ownership for all aspects of security lifecycle in product release
  • Provide cyber security technical thought leadership, and inject secure coding standards and best practices into daily scrums
  • Provide mentoring, and skill set knowledge transfer to scrum team members
  • Review and modify agile user stories and epics to ensure correct authentication, authorization, and logging
  • Partner with other IT & business teams to develop secure technical solutions
  • Support MVP’s through “hands on” technical security knowledge, integration, and development/coding
  • Work with a team of architects and developers, operational leads and functional owners to plan and implement security technical features
  • Ability to work in a fast paced, dynamic environment, with shifting priorities; must be comfortable with change and actively driving improvements
  • Understand how new technologies impact the current environment
  • Champion the adoption of new technologies and drive the implementation into the GE environment
Basic Qualification

  • Bachelor’s Degree in Information Systems (IS), Information Technology (IT), Computer Science or Engineering (OR High School Diploma / GED with a minimum of 2 years of IS, IT, or Computer Science) or equivalent experience
  • Minimum of 5 years of experience writing object-oriented software, or designing and executing manual and automated software tests

Eligibility Requirements

  • Strong Facilitation skills, leading in-person and remote teams in co-creation sessions, creating wireframes, workflows and prototypes.
  • Working knowledge in configuration management tools such as CVS/SVN/ClearCase/Git/Perforce
  • 1-2 years of JavaScript experience
  • Experience with NodeJS
  • Experience with Postgres
  • Experience with Lua
  • Experience with GOLang
  • Understanding of GitHub and Git pull requests
  • Understanding of Delay Tolerant Networking (DTN)
  • Must be legally authorized to work in the United States full-time
  • Must be willing to work in our DTH facility full-time
  • Must submit application for employment through (or COS if internal) to be considered
  • Must be 18 years of age or older
  • Must be willing to take a drug test as part of the selection process
  • Must be willing to submit to a background investigation, including for example, verification of your past employment, criminal history, and educational background
GE will only employ those who are legally authorized to work in the United States for this opening. Any offer of employment is conditioned upon the successful completion of a background investigation and drug screen.
  • Lean/Six Sigma Certification.
  • Manufacturing experience preferred
  • Proficiency in at least one programming language (Java, GOLANG, Node.JS, Javascript, Python, or C/C++)
  • Provides design, installation/development, & configuration of Cyber Security solutions
  • Ability to simplify and communicate technical concepts & architecture to non-technical team members
  • Experience with application logging integration, and products (Log4J, Logstash, Splunk)
  • Knowledge of Federated security architecture, flows, and standards (SAML, OpenID_Connect, and JSON_Web-Token
  • Integration level knowledge of API Security Architecture, and technologies (OAuth2, Spring Security, HMAC, WS-Security, WS-Trust, or XACML)
  • Hands on experience developing secure RESTful API’s
  • Working knowledge of Cloud Provider security architecture design patterns (AWS, CloudFoundry, Azure).
  • Proficiency in development frameworks (Spring Security, Spring Boot, or AngularJS)
  • Working knowledge of OWASP Web/API vulnerabilities and compensating controls (CSRF, XSS, SQLI, etc.)
  • Familiarity with encryption fundamentals: PKI, Encryption, Digital Signatures
    , & Key Management
  • Expert knowledge of HTTP(s) protocol
  • Knowledge of Risk Controls framework, and Audit procedures (27000/1/2, NIST 800-53/171, DFARS)
  • Position requires an individual that is highly organized and self-motivated
  • Proven ability and desire to learn and adapt to new products quickly and comprehensively


Leave a Reply