Welcome to Allscripts! Our Mission is to be the most trusted provider of innovative solutions that empower all stakeholders across the healthcare continuum to deliver world-class outcomes. Our Vision is a Connected Community of Health that spans continents and borders. With the largest community of clients in healthcare, Allscripts is able to deliver an integrated platform of clinical, financial, connectivity and information solutions to facilitate enhanced collaboration and exchange of critical patient information.
The primary purpose of this role is to drive development and operational teams in the appropriate application of security best practices and the use of advanced security technologies. Work to mitigate development and operational risks in the SDLC.
Allscripts policy is to provide equal employment opportunity and affirmative action in all of its employment practices without regard to race, color, religion, sex, national origin, ancestry, marital status, protected veteran status, age, individuals with disabilities, sexual orientation or gender identity or expression or any other legally protected category. Applicants for North American based positions with Allscripts must be legally authorized to work in the United States or Canada. Verification of employment eligibility will be required as a condition of hire.
From a "VEVRAA Federal Contractor" We request Priority Referral of Protected Veterans
by via developer jobs - Stack Overflow
The primary purpose of this role is to drive development and operational teams in the appropriate application of security best practices and the use of advanced security technologies. Work to mitigate development and operational risks in the SDLC.
Own a
Academic And Professional Qualifications- nd execute the vision for Application Security across the company.Accou
- ntable for the overall implementation of the Application Security Process.Serve
- as a Trusted Partner with and educate Development Teams on Security Best Practices.Drive
- the identification process for identifying security vulnerabilities, designing and executing on remediation plans involving the acquisition, design, test, integration, and implementation of advanced security tools.Drive
- teams that execute programmatic scans, pen-testing, red/blue/purple teaming, offensive security testing, threat modeling and bug bounty programs.Assis
- t development and operational teams in the appropriate application of security best practices and the use of advanced security technologiesInter
- nally recognized as highly competent in security areas, will review and participate in benchmarking, installation, upgrade, configuration, deployment and testing activityInves
- tigate innovative approaches to improve software securityWorki
- ng knowledge of Secure SDL
- Knowledge of SAST and DAST
- Can discuss and explain security risks of Mobile, Web, C-S, Hybrid, and Cloud stacks
- Knowledgeable of cloud, DevOps, network, systems and software architecture modalities and patterns.
- Provide executive summary reports of assurance metrics to leadership with a comprehensive inventory of attack surface, the state of testing and defensive coverage of surfaces, and a real-time accounting of open risks within each application.
- Familiarity with industry changes in security standards, information management, development standards, methods and emerging 3rd party security software in order to advise on security and leverage industry best practice in the design and construction of Allscripts software products
- Familiarity with regulatory (GDPR, HIPAA) and certifications (ISO, HITRUST, EHNAC) and Privacy by Design concepts.
- Support and mentor members of the team
- Create a center of expertise and forum for common security design and reuse
- Participate in the definition and documentation of security standards and best practices
- B.S. in Computer Science or related field required
- Minimum of 15 years' experience with software product development
- Minimum of five years' experience managing corporate application and product security programs and teams.
- Minimum of five years' experience managing a SDL (Secure Software Development Life Cycle) that integrates security into all stages of software development process for a large development organization.
- Demonstrated technical expertise and understanding of modern development, languages, and cloud platforms.
- Exceptional skills driving product security initiatives and delivering software security
- Superb written and verbal communication skills
- Advanced interpersonal and presentation skills
- Experience building, developing, and leading highly effective security teams
- Demonstrated commitment to excellence with corresponding leadership abilities needed to direct and motivate a team to provide industry- leading security
- Successful at facilitating a collaborative team environment and leading consensus within a team
- Excellent presentation skills
- Able to be successful in a team environment, working collaboratively with other members of the management team across the organization
- Exceptionally organized and proactive on next steps or anticipating issues
- CISM, CISSP, OSCP, CEH preferred
- 10%
- Work is performed in a standard office environment with minimal exposure to health or safety hazards
Allscripts policy is to provide equal employment opportunity and affirmative action in all of its employment practices without regard to race, color, religion, sex, national origin, ancestry, marital status, protected veteran status, age, individuals with disabilities, sexual orientation or gender identity or expression or any other legally protected category. Applicants for North American based positions with Allscripts must be legally authorized to work in the United States or Canada. Verification of employment eligibility will be required as a condition of hire.
From a "VEVRAA Federal Contractor" We request Priority Referral of Protected Veterans
by via developer jobs - Stack Overflow
No comments:
Post a Comment