Principal Product Cyber Security Architect
GE Vernova · Boston, MA · 1 wk ago
RemoteRemoteEngineering$147k–$245k/yrFull-time
About the role
This role involves working directly with product managers, architects, and engineering teams to embed security throughout the product lifecycle. Responsibilities include translating SDL policies and IEC 62443 requirements into practical, product-specific guidance and using AI-enabled tools to improve the speed, quality, and consistency of secure development outputs.
Responsibilities
- Guide product teams in designing secure architectures, including zones, conduits, trust boundaries, authentication, authorization, data protection, and remote access.
- Develop reusable security patterns, reference architectures, and design standards.
- Review product architecture changes and provide actionable security recommendations.
- Conduct threat modeling and risk assessments aligned to IEC 62443-3-2.
- Create threat model outputs, including data flows, threat analysis, risk ratings, and recommendations.
- Use AI-assisted tools to accelerate threat modeling and analysis.
- Create deployment security guidance for secure installation, configuration, hardening, and operation.
- Support SDL execution by defining security requirements, performing design reviews, and evaluating security gates.
- Help prepare security evidence, test documentation, and compliance artifacts.
- Contribute reusable templates, artifacts, and lessons learned to improve team efficiency.
Requirements
- Bachelor’s degree in Cybersecurity, Computer Science, Electrical Engineering, or related field.
- 8+ years of experience in cybersecurity with strong product, system, or architecture security experience.
- Proven experience producing security architecture deliverables and threat models.
- Working knowledge of IEC 62443, especially 6243-3-2, 62443-3-3, and 62443-4-1.
- Familiarity with OT/ICS product architectures and energy sector deployment environments.
- Strong written communication skills.
Qualifications
- Experience with GE Vernova or similar industrial energy technology products.
- Experience using AI tools for threat modeling or security analysis.
- Familiarity with EU Cyber Resilience Act requirements.
- Experience with SDL artifact libraries or security pattern catalogs.
- Certifications such as GICSP, CSSLP, or ISA/IEC 62443 certification.
Benefits
- Medical, dental, vision, and prescription drug coverage.
- Access to Health Coach from GE Vernova, a 24/7 nurse-based resource.
- Access to the Employee Assistance Program, providing 24/7 confidential assessment, counseling and referral services.
- Retirement benefits including the GE Vernova Retirement Savings Plan, a tax-advantaged 401(k) savings opportunity with company matching contributions and company retirement contributions.
- Tuition assistance, adoption assistance, paid parental leave, disability benefits, life insurance, 12 paid holidays, and permissive time off.