Welcome to Allscripts. Our Mission is to be the most trusted provider of innovative solutions that empower all stakeholders across the healthcare continuum to deliver world-class outcomes. Our Vision is a Connected Community of Health that spans continents and borders. With the largest community of clients in healthcare, Allscripts is able to deliver an integrated platform of clinical, financial, connectivity and information solutions to facilitate enhanced collaboration and exchange of critical patient information.
The primary purpose of this role is to Perform Coding, Testing, Documentation in the areas of Development and Maintenance.
The security tooling engineer will be responsible for the installation, operation and maintenance of the security tooling infrastructure to support application security scanning and vulnerability assessment of products across the portfolio. The primary purpose of the role would be ownership of the portfolio of security tools to identify and report potential security vulnerabilities in the application, communicate and work with development and build teams and monitor the tooling infrastructure for periodic upgrades and maintenance.
The ideal candidate will possess the following background and skill set :
* Experience using and implementing static code analysis tools such as HP Fortify, Coverity,Veracode, IBM AppScan etc. on a variety of enterprise applications
* Ability to independently build and deploy security test environments
* Ability to independently create and execute security scans using static and dynamic analysis tools
* Experience using Continous Integration software such as Jenkins
* Experience in using and implementing open source review tools such as Blackduck, Veracode etc is a plus
* Experience in writing and executing batch and powershell scripts
* Experience in preparing and executing test plans
* Must be able to train individuals and/or development teams in using security scan tools
* Must be comfortable working with development and application security teams in a partnership role
* Experience in monitoring scan environments for routine health check, upgrades and efficiency
* Experience in preparing and publishing technical and installation documentation for internal and external audience
* Must be able to troubleshoot failed scans, debug and review logs and apply fixes
* Working knowledge of .NET, Java, C/C++ and SQL is highly desired
* Experience in generating reports and metrics and presenting to senior management and development teams
* Must be comfortable working both as an independent contributor and in a team
* Healthcare experience is a bonus
* Familiarity with security standard organizations such as NIST and communities such as OWASP is a bonus
* Must have a relevant 4 year technical degree in a relevant field
* 4+ years of experience in configuration management, tooling and infrastructure maintenance, or a related role
Academic and Professional Qualifications:
Experience in build and release, configuration engineer, powershell or bacth scripting
Source control tools : TFS/Jira integration,Jenkins/ build automation
Tools : Fortify,checkmarx, IBM Appscan,
At Allscripts, our greatest strength comes from bringing together talented people with diverse perspectives to support the technology needs of 180,000 physicians, 1,500 hospitals and 10,000 post-acute organizations across the globe. Allscripts offers a comprehensive compensation and benefits package, including holidays, vacation, medical, dental, and vision insurance, company paid life insurance and retirement savings.
Allscripts policy is to provide equal employment opportunity and affirmative action in all of its employment practices without regard to race, color, religion, sex, national origin, ancestry, marital status, protected veteran status, age, individuals with disabilities, sexual orientation or gender identity or expression or any other legally protected category. Applicants for North American based positions with Allscripts must be legally authorized to work in the United States or Canada. Verification of employment eligibility will be required as a condition of hire.