Application Security Engineer
HUN02-01-Budapest-Vaci Greens C, Hungary
GE HealthCare
GE HealthCare provides digital infrastructure, data analytics & decision support tools helps in diagnosis, treatment and monitoring of patientsWe're seeking an experienced Application Security Engineer to join the Cyber Threat Defense team within the Security, Risk, and Compliance organization.
In this role, you will use expertise in offensive security techniques to assess, test, and strengthen GE HealthCare’s applications. You will be responsible for conducting penetration testing of web applications, APIs, and cloud environments to identify security gaps and recommending remediation strategies, as well as performing secure code reviews to proactively detect weaknesses and ensure adherence to secure coding practices.
As a Application Security Engineer, you will also lead efforts in configuring, integrating, and maintaining tools supporting application security operations while collaborating with developers and security teams to provide guidance on secure development practices and remediation strategies.Job Description
Responsibilities
Performing application security testing and source code reviews to proactively identify risks to the organization.
Presenting technical findings in a clear and digestible manner, enabling application teams to effectively address security risks and implement remediation strategies.
Leading conversations and facilitate discussion to drive remediation and/or mitigation of vulnerability findings.
Providing security expertise on enterprise architecture, ensuring secure design and implementation across various platforms.
Identifying, assessing, and continuously monitoring the attack surface across applications, APIs, cloud environments, and infrastructure to detect vulnerabilities and potential security gaps.
Developing intuitive dashboards and reports for executive leadership and key stakeholders, delivering real-time insights for informed decision-making and strategic planning.
Required Qualifications:
Bachelor’s Degree in Cybersecurity, Computer Science, Engineering, Information Technology or related field.
Certifications such as CEH, OSCP, CPTS, CAPE, OSWE, CRTO, GPEN, GWAPT, etc.
Experience in cybersecurity and either an application security or offensive security area (penetration testing, red team, etc.).
Experience conducting secure code reviews.
Experience configuring and using SCA, SAST, IAST, DAST, and other application security platform tools such as Veracode, Coverity, Qualys, etc.
Experience developing and/or using API for data ingestion,
Experience using languages such as JavaScript, PowerShell, Python, C#, PHP, Ruby, etc.
Experience with writing SQL or SQL-like queries
Familiarity with OWASP guidelines.
Desired Characteristics:
Strong analytical skills and ability to troubleshoot complex challenges,
Strong communication and teamwork skills.
Inclusion and Diversity
GE HealthCare is an Equal Opportunity Employer where inclusion matters. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.
We expect all employees to live and breathe our behaviors: to act with humility and build trust; lead with transparency; deliver with focus, and drive ownership – always with unyielding integrity.
Our total rewards are designed to unlock your ambition by giving you the boost and flexibility you need to turn your ideas into world-changing realities. Our salary and benefits are everything you’d expect from an organization with global strength and scale, and you’ll be surrounded by career opportunities in a culture that fosters care, collaboration and support.
#LI-MT1
#LI-Hybrid
Additional InformationRelocation Assistance Provided: No
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: APIs Application security C CEH Cloud Compliance Computer Science DAST GPEN GWAPT IAST JavaScript Monitoring Offensive security OSCP OSWE OWASP Pentesting PHP PowerShell Python Qualys Red team Ruby SAST SQL Veracode Vulnerabilities
Perks/benefits: Career development Transparency
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.