Baker Hughes, a GE company Company Profile

Staff Product Security Analyst at Baker Hughes, a GE company (Houston, TX)

About the Employer

Job Description

Role Summary About Us: Baker Hughes, a GE company (NYSE: BHGE) is the worlds first and only fullstream provider of integrated oilfield products, services and digital solutions. We deploy minds and machines to enhance customer productivity, safety and environmental stewardship, while minimizing costs and risks at every step of the energy value chain. With operations in over 120 countries, we infuse over a century of experience with the spirit of a startup inventing smarter ways to bring energy to the world. Follow Baker Hughes, a GE company on Twitter @BHGECo, or visit us at BHGE.com. GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, gender (including pregnancy), sexual orientation, gender identity or expression, age, disability, veteran status or any other characteristics protected by law. Role Summary/Purpose The Staff Product Security Analyst has a focus on and is responsible for the Third-Party Suppliers Security strategy globally for BHGE. Essential Responsibilities In the role of Staff Product Security Analyst, you will: Execute on strategy and technology roadmap for the Third-Party Suppliers Security Programs Lead / perform security risk assessments and remediation of suppliers and third parties Document supplier security strategies and roadmaps Track supplier assessment results Ensure cyber security risks and vulnerabilities are logged, analyzed and vetted for accuracy within SLAs Identify and deliver appropriate metrics to drive supplier security program and reporting framework based on business risk Lead strategic projects and initiatives with broad scope and high impact to the business and be a recognized expert in supplier security Lead the implementation of supplier and third-party security standards and policies to protect BHGE information and business operations Lead the assessment of cloud and 3rd party hosted environments Continually evaluate new threats, standards, regulations, and their impact on IT and Business operations, and balance these needs to devise and implement the best security solutions for the business Represent BHGE interests on wide supplier security and third-party security initiatives Qualifications/Requirements Bachelor's Degree in Computer Engineering or in a STEM field (Science, Technology, Engineering, Math) from an accredited college or university Minimum 3 years IT experience Minimum 1 years IT experience with industry frameworks and standards, such as ISO27001-2, ISO27036, and NIST Additional Eligibility Requirement GE will only employ those who are legally authorized to work in the United States for this opening. Desired Characteristics Master's Degree in a STEM field (Science, Technology, Engineering, Math) from an accredited college or university Minimum 3 years IT experience, preferably within Identity Management Experience with secure network architectures, identity and access management principles, application security, encryption technologies, database, web applications, regulatory and compliance Experience with vulnerability assessment tools such as Nessus Experience managing direct and/or matrix-reporting global teams Demonstrated experience leading global programs across technology and business functions CISA or similar certifications appreciated Knowledge of secure development lifecycle principles Good knowledge of networking and application security architectures Good communication skills (both written and verbal) with all levels of an organization Hands-on experience in Supplier Security risk assessments or audits Contribute to and lead discussions and communications within the team and outside, including customers and other business units Excellent written and verbal communication skills Foster a collaborative and cooperative team environment, encouraging input and participation from all members Demonstrated experience in IT Security, system administration, LDAP, and scripting Experience in large service provider environments Scripting skills (e.g., Perl, shell scripting) Excellent written and verbal communication skills, especially experience with executive-level communications Experience with web-based applications and/or web services-based applications, especially at large scale Experience with Agile Management Locations: United States; Texas; HOUSTON GE will only employ those who are legally authorized to work in the United States for this opening.