What are the responsibilities and job description for the Applications Security Specialist - Remote position at Altera Digital Health Inc. United States?
Altera, a member of the N. Harris Computer Corporation family, delivers health IT solutions that support caregivers around the world. These include the Sunrise™, Paragon®, Altera TouchWorks®, Altera Opal, STAR™, HealthQuest™ and dbMotion™ solutions. At the intersection of technology and the human experience, Altera Digital Health is driving a new era of healthcare, in which innovation and expertise can elevate care delivery and inspire healthier communities across the globe. A new age in healthcare technology has just begun.
Overview
In this role, you will work closely with developers, engineers, and security professionals to ensure our applications are built with security in mind. Your primary focus will be on identifying, analyzing, and mitigating potential vulnerabilities in our software applications. You will serve as a primary liaison between security and the development teams.
Responsibilities
- Conduct code scanning and analysis to identify vulnerabilities in the application code.
- Conduct threat modeling sessions with developers to anticipate and address potential security risks during the application development process.
- Review code for security flaws and provide actionable feedback to development teams.
- Collaborate with developers to integrate secure coding practices into the software development lifecycle.
- Assist in the creation and maintenance of security documentation, policies, and procedures.
- Meeting regularly with Development teams to address compliance, SDLC, and OWASP standards.
- Stay updated on the latest security trends, threats, and compliance requirements to proactively protect applications.
- Work with the teams to document the scan results and follow up with corrective action plans designed by Engineers and Architects.
- Reviewing the output from security scanning tools and creating remediation plans with the development team.
- Understand the Application Security Verification Standard and communicating it with development teams to ensure compliance.
- Reviewing ASVS compliance with dev teams.
- Lead a vulnerability review and remediation planning, architectural review, and complete a threat model.
- Administration of security tools.
- Review architectural diagrams for vulnerabilities.
- Review data-flow diagrams for vulnerabilities.
Qualifications
Academic and Professional Qualifications:
- Bachelor's degree in Cybersecurity, Information Technology, or a related field or equivalent/years of experience preferred.
Experience:
- 8-10 years Software design and development preferred.
- 8 years Working with code scanning tools (e.g., SAST, DAST, SCA) preferred.
- 8 years Security concepts and SDL practices preferred.
- 8 years Security frameworks, standards, and regulations (e.g., OWASP Top 10/ASVS, NIST, GDPR) preferred.
- 8 years Secure coding practices and common vulnerabilities (e.g., SQL injection, XSS, CSRF) preferred.
Travel Requirements:
- Up to 10% travel may be
Working Arrangements:
- Work is performed in a remote office environment with minimal exposure to health or safety hazards.
Altera is an Equal Opportunity/Affirmative Action Employer. We consider applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, or membership in any other group protected by federal, state or local law.
If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact us at:
HR.Recruiting@AlteraHealth.com
