Cyber Security Engineer
Listed on 2026-02-24
-
IT/Tech
Cybersecurity
Job Description Summary
The Caption Health SBU focuses on clinical applications that aid in early disease detection, using AI to assist in conducting ultrasound scans.
Product Security Leader PSR
This role is part of our security team and helps safeguard the integrity, confidentiality, and availability of our healthcare technology products. It is ideal for an experienced product security analyst passionate about building secure, compliant, and resilient systems in a regulated environment. The role works cross‑functionally with Engineering, Product, Compliance, and Dev Ops teams to embed security into every phase of the product lifecycle.
100% Remote.
- Security by Design:
Partner with product and engineering teams to integrate security into architecture, design, and development processes. - Threat Modeling & Risk Assessment:
Conduct threat modeling, security reviews, and risk assessments for new and existing products. - Create & Maintain Cybersecurity Documentation:
Deliver product release security documents, document cyber security status and process in accordance with regulations. - Vulnerability Management:
Identify, triage, and drive remediation of vulnerabilities in applications and infrastructure. - Incident Response:
Support product‑related security incidents and coordinate with internal stakeholders for resolution. - Security Awareness:
Educate developers and product managers on secure development practices and emerging threats. - Compliance & Standards:
Ensure products meet internal security standards and external compliance requirements (e.g., HIPAA, HITRUST, SOC 2, ISO 27001).
- Bachelor’s degree in Computer Science, Cybersecurity, or related field (or equivalent experience).
- 5‑8 years of experience in application/product security, with a strong understanding of secure software development.
- Proficiency in threat modeling and vulnerability management.
- Experience analyzing, detecting, and remediating cybersecurity issues.
- Experience in security/network/system administration/development or equivalent knowledge.
- Familiarity with cloud platforms (AWS, Azure, GCP) and container security (Docker, Kubernetes).
- Strong communication skills and ability to influence cross‑functional teams.
- Relevant certifications (e.g., OSCP, CISSP, CSSLP) are a plus.
- Experience working in or with healthcare technology companies or digital health platforms.
- Deep understanding of HIPAA, HITECH, and 21 CFR Part 11 compliance requirements.
- Knowledge of patient data privacy, PHI/PII protection, and data residency concerns.
- Exposure to HITRUST CSF or similar healthcare‑specific security frameworks.
- Practical hands‑on experience cybersecurity events investigation tracking and threat resolution.
- Able to work under minimal supervision and open to collaboration.
- This position is based in the United States only. Legal authorization to work in the U.S. is required. GE Health Care may agree to sponsor an individual for an employment visa now or in the future if there is a shortage of individuals with particular skills.
- Must be willing to travel as required.
We will not sponsor individuals for employment visas, now or in the future, for this job opening. For U.S. based positions only, the pay range for this position is $-$ Annual. The specific compensation offered to a candidate may be influenced by a variety of factors including skills, qualifications, experience and location. In addition, this position may also be eligible to earn performance‑based incentive compensation, which may include cash bonus(es) and/or long‑term incentives (LTI).
GE Health Care offers a competitive benefits package, including medical, dental, vision, paid time off, a 401(k) plan with employee and company contribution opportunities, life, disability, and accident insurance, and tuition reimbursement.
GE Health Care offers a great work environment, professional development, challenging careers, and competitive compensation. GE Health Care is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.
GE Health Care will only employ those who are legally authorized to work in the United States for this opening. Any offer of employment is conditioned upon the successful completion of a drug screen (as applicable).
While GE Health Care does not currently require U.S. employees to be vaccinated against COVID‑19, some GE Health Care customers have vaccination mandates that may apply to certain GE Health Care employees.
Relocation Assistance Provided:
No
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).