Applications Security Specialist - Remote

Posted:
11/18/2024, 7:31:08 PM

Experience Level(s):
Expert or higher ⋅ Senior

Field(s):
IT & Security ⋅ Software Engineering

Workplace Type:
Remote

Altera, a new member of the N. Harris Computer Corporation family, delivers health IT solutions that support caregivers around the world. These include the Sunrise™, Paragon®, Altera TouchWorks®, Altera Opal, STAR™, HealthQuest™ and dbMotion™ solutions. At the intersection of technology and the human experience, Altera Digital Health is driving a new era of healthcare, in which innovation and expertise can elevate care delivery and inspire healthier communities across the globe. A new age in healthcare technology has just begun.

Overview

In this role, you will work closely with developers, engineers, and security professionals to ensure our applications are built with security in mind. Your primary focus will be on identifying, analyzing, and mitigating potential vulnerabilities in our software applications. You will serve as a primary liaison between security and the development teams.

 

Responsibilities

  • Conduct code scanning and analysis to identify vulnerabilities in the application code.
  • Conduct threat modeling sessions with developers to anticipate and address potential security risks during the application development process.
  • Review code for security flaws and provide actionable feedback to development teams.
  • Collaborate with developers to integrate secure coding practices into the software development lifecycle.
  • Assist in the creation and maintenance of security documentation, policies, and procedures.
  • Meeting regularly with Development teams to address compliance, SDLC, and OWASP standards.
  • Stay updated on the latest security trends, threats, and compliance requirements to proactively protect applications.
  • Work with the teams to document the scan results and follow up with corrective action plans designed by Engineers and Architects.
  • Reviewing the output from security scanning tools and creating remediation plans with the development team.
  • Understand the Application Security Verification Standard and communicating it with development teams to ensure compliance.
  • Reviewing ASVS compliance with dev teams.
  • Lead a vulnerability review and remediation planning, architectural review, and complete a threat model.
  • Administration of security tools.
  • Review architectural diagrams for vulnerabilities.
  • Review data-flow diagrams for vulnerabilities.

 

Qualifications

Academic and Professional Qualifications:

  • Bachelor’s degree in Cybersecurity, Information Technology, or a related field or equivalent/years of experience preferred.

 

Experience:

  • 8-10 years Software design and development preferred.
  • 8+ years Working with code scanning tools (e.g., SAST, DAST, SCA) preferred.
  • 8+ years Security concepts and SDL practices preferred.
  • 8+ years Security frameworks, standards, and regulations (e.g., OWASP Top 10/ASVS, NIST, GDPR) preferred.
  • 8+ years Secure coding practices and common vulnerabilities (e.g., SQL injection, XSS, CSRF) preferred.

 

Travel Requirements:

  • Up to 10% travel may be

 

Working Arrangements:

  • Work is performed in a remote office environment with minimal exposure to health or safety hazards.

 

Our company complies with all local/state regulations in regard to displaying salary ranges. If required, the salary range(s) are displayed below and are specifically for those potential hires who will perform work in or reside in the location(s) listed, if selected for the role. Any offered salary is determined based on internal equity, internal salary ranges, market data, ranges, applicant's skills and prior relevant experience, certain degrees and certifications (e.g. JD, technology), for example.

Salary Range
$99,290$117,163 USD

 Altera is an Equal Opportunity/Affirmative Action Employer. We consider applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, or membership in any other group protected by federal, state or local law.

If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact us at:

[email protected]