Principal Cyber Security Engineer

Principal Engineer - Cyber Security

We are seeking a Principal Engineer to lead our Cyber Security Engineering and AI Automation initiatives for our Healthcare Device and Solutions organization. This role is for a hands-on technical leader passionate about penetration testing, cloud security, and AI-driven automation in a regulated healthcare environment. You will architect, design, and develop security frameworks and tools that safeguard sensitive patient data (PHI), ensure compliance with regulatory requirements, and enhance security, privacy, and resilience across connected medical devices, cloud platforms, and healthcare applications. GE Healthcare is a leading global medical technology and digital solutions innovator. Our mission is to improve lives in the moments that matter. Unlock your ambition, turn ideas into world-changing realities, and join an organization where every voice makes a difference, and every difference builds a healthier world.

Key Responsibilities:

• Lead design and implementation of advanced penetration testing frameworks, security testing tools, and automated vulnerability detection systems.
• Architect and enhance end-to-end cloud security capabilities across multi-cloud environments (AWS, Azure, GCP).
• Define and enforce secure cloud architectures, IAM policies, network segmentation, and data protection mechanisms with a focus on regulatory compliance (HIPAA, FDA, GDPR).
• Drive adoption of AI/ML to automate detection, triage, and privacy risk analysis, improving efficiency in healthcare cybersecurity operations.
• Collaborate with product, clinical, and regulatory teams to embed security-by-design principles into medical device and health solution development lifecycles.
• Ensure compliance with healthcare and data protection standards such as HIPAA, FDA cybersecurity guidance, ISO 27001, and SOC 2.
• Integrate security tooling into DevSecOps pipelines, including IaC scanning, PHI data loss prevention, and cloud posture management.
• Mentor and guide a team of security engineers, tool developers, and researchers in regulated security practices.
• Evaluate and adopt emerging technologies such as LLMs, graph AI, and behavioral anomaly detection for healthcare cybersecurity use cases.
• Lead investigations, vulnerability triage, and incident response focused on regulated environments and PHI protection.

Educational Qualifications:

Bachelor’s or Master’ s degree in Computer Science, Engineering, or a related technical field.

Required Qualifications:

• 12+ years of experience in security engineering, penetration testing, and tool development.
• Strong expertise in Cloud Security — architecture, deployment, and protection in AWS, Azure, or Google Cloud Platform.
• Deep understanding of healthcare data security, PHI protection, and regulatory requirements (HIPAA, FDA, GDPR).
• Experience implementing CSPM, CWPP, CNAPP, and Zero Trust frameworks.
• Strong programming skills in Python, Go, or C++ to build or extend security utilities.
• Proven experience using AI/ML or data-driven automation for security analytics or privacy monitoring.
• Deep understanding of web, application, and API security (OWASP, CWE, CVE).
• Hands-on experience with red teaming, fuzzing, and reverse engineering tools and techniques.
• Solid understanding of DevSecOps, CI/CD security, and container orchestration (Kubernetes).
• Excellent communication, technical leadership, and collaboration skills, especially with product and compliance teams.

Preferred Qualifications:

• Experience applying LLMs or NLP for log analysis, code review, or privacy risk correlation.
• Understanding of healthcare cybersecurity standards such as IEC 81001-5-1, ISO 14971, and NIST 800-53.
• Prior contributions to open-source security projects, research publications, or patents in cybersecurity or AI.
• Certifications such as CCSP, OSCP, OSWE, CISSP, CEH, HCISPP, or equivalent healthcare security credentials.

Why Join Us:

• Shape the future of AI-powered cybersecurity and privacy automation in healthcare devices and solutions.
• Collaborate with cross-disciplinary experts driving safety, compliance, and data protection across the healthcare ecosystem.
• Lead innovations that improve resilience, patient trust, and regulatory compliance through secure design and advanced automation.

Inclusion and Diversity:

GE Healthcare is an Equal Opportunity Employer where inclusion matters. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.

We expect all employees to live and breathe our behaviors: to act with humility and build trust; lead with transparency; deliver with focus, and drive ownership – always with unyielding integrity.

Our total rewards are designed to unlock your ambition by giving you the boost and flexibility you need to turn your ideas into world-changing realities. Our salary and benefits are everything you’d expect from an organization with global strength and scale, and you’ll be surrounded by career opportunities in a culture that fosters care, collaboration and support.

#Everyroleisvital

Additional Information:

Relocation Assistance Provided: Yes

Key skills/competency:

• Principal Engineer - Cyber Security
• Penetration Testing
• Cloud Security
• AI Automation
• Healthcare Cybersecurity
• Regulatory Compliance (HIPAA, FDA, GDPR)
• DevSecOps
• Python, Go, C++
• Vulnerability Detection
• Security Frameworks