Providence Digital Innovation Jobs

Description

Providence is one of the largest not-for-profit health systems in the United States.

At Providence, we use our voice to advocate for vulnerable populations and health care reforms. We pursue innovative ways to transform health care by keeping people healthy, and making our services more convenient, accessible and affordable for all. In an increasingly uncertain world, we are committed to high-quality, compassionate health care for everyone—regardless of coverage or ability to pay. We help people and communities benefit from the best health care model for the future, today.

The Digital Innovation Group (DIG) at Providence is a small but mighty product development and incubation team. We build next-gen tools that give patients convenient and easy access to health care anywhere, anytime.

DIG is both a healthcare startup and a technology/product incubator. Our team gathers market data on effective solutions in the health care space and then builds out a product line with the latest and greatest technology. When market maturity hits, DIG enables the product to spin out as its own company. It is a unique mix of venture capitalists, digital strategists, marketing acumen, product development and engineering all in one group nestled inside one of the largest health systems. We set the pace for other health care organizations on how to conceive, engineer and launch effective health care solutions.

Recently funded DIG startups include DexCare and Xealth. This is a remote work opportunity in United States.

SUMMARY

You bring together an informed mix of experience of technology, product and business acumen from a Cyber Security perspective. You act as the primary expert in cybersecurity and cloud security to help us protect and transform healthcare through technology that is secure, privacy first, compliance based, well architected security pillars, and measurable. You will conduct threat assessments on new API’s and web applications, utilize web vulnerability tools, consult, and assess cloud architectures for security baselines and policy enforcement. You will build reporting tools to communicate to engineers and leadership the security posture of the environments and services. As the principal security engineer, you will spend time designing and building out automation for security tooling for auto-remediation or policy enforcement of cloud security standards. As the lead security engineer in the team, you will be responsible for implementing the security training program for developers and SRE to support a shift left security pattern.

ESSENTIAL FUNCTIONS:

In this position you:

• Develop and manage DAST/SAST/SCA Scans on Web and API applications for vulnerabilities.

• Perform security reviews, audits and threat assessments on Cloud based applications with engineering teams.

• Support PEN testing, security incident investigations and consult on remediation of vulnerabilities.

• Analyze and audit Cloud infrastructure for CSF (Control Systems Framework: NIST, ISO, HITRUST, SOC2) Compliance

• Develop policies for security automation to detect and remediate cloud infrastructure.

• Consult and document best practices for cloud security and secure coding for Engineering Teams

• Setup code contribution and design standards; mentor senior engineering staff through secure coding standards.

• Support, document and manage security incident process and security review process.

• You communicate proactively and effectively all the way up to an executive level including external organizations.

• Ride the crest of the tech wavefront by having a voracious appetite to keep up to date with current security vulnerabilities, hacker news sources and technology trends around the world.

• Bring a growth mindset, customer focus, and a bias for automation.

Required EXPERIENCE:

• Bachelor's degree in Computer Science, Software Engineering, Computer Engineering, Mathematics or other related scientific or engineering fields.

• 10+ years’ experience as a part of a highly functional software development teams securing Enterprise systems using modern security tools and supporting teams with security reviews and threat assessments.

• 10+ years’ experience deep hands-on technical expertise in at least one major technical area from a security hardening perspective.

• Experience in working with Cloud Security Pillars and Cloud SIEM Technologies, preferable Azure Defender and Sentinel Experience.

• Experience with tools like Rapid7, Checkmarx, Qualys, or other industry standard Vulnerability Management Tools.

• Experience generating security reports and supporting engineering teams to remediate the vulnerabilities.

• Excellent communication and presentation skills with success in effectively communicating at all levels of the organization as well as external organizations.

• Positive mind set with the proven ability to build a strong, effective engineering culture.

• Proven work experience as a Cyber Security Specialist

Preferred Experience:

• Experience in consulting and supporting well architected cloud security pillars.

• Experience in Kusto Queries with Azure Sentinel & WAF for Security Analysis.

• Experience working in a HIPAA Compliant environment securing applications.

• Experience in securing Web based applications, API’s and Kubernetes solutions.

• Experience with GitHub Advance Security and Azure Sentinel Data Connectors

• Certification in one of the industry standards for security professional certification: CompTIA, CISSP, CISM, CISA, CCSP, or Ethical Hacker Certifications

Our best-in-class benefits are uniquely designed to support you and your family in staying well, growing professionally and achieving financial security. We take care of you, so you can focus on delivering our Mission of caring for everyone, especially the most vulnerable in our communities.

About Providence

At Providence, our strength lies in Our Promise of “Know me, care for me, ease my way.” Working at our family of organizations means that regardless of your role, we’ll walk alongside you in your career, supporting you so you can support others. We provide best-in-class benefits and we foster an inclusive workplace where diversity is valued, and everyone is essential, heard and respected. Together, our 120,000 caregivers (all employees) serve in over 50 hospitals, over 1,000 clinics and a full range of health and social services across Alaska, California, Montana, New Mexico, Oregon, Texas and Washington. As a comprehensive health care organization, we are serving more people, advancing best practices and continuing our more than 100-year tradition of serving the poor and vulnerable.

The amounts listed are the base pay range; additional compensation may be available for this role, such as shift differentials, standby/on-call, overtime, premiums, extra shift incentives, or bonus opportunities.

Check out our benefits page for more information about our Benefits and Rewards.

About the Team

Providence Shared Services is a service line within Providence that provides a variety of functional and system support services for our family of organizations across Alaska, California, Montana, New Mexico, Oregon, Texas and Washington. We are focused on supporting our Mission by delivering a robust foundation of services and sharing of specialized expertise.

We are committed to the principle that every workforce member has the right to work in surroundings that are free from all forms of unlawful discrimination and harassment.

We are committed to cultural diversity and equal employment for all individuals. It is our policy to recruit, hire, promote, compensate, transfer, train, retain, terminate, and make all other employment-related decisions without regard to race, color, religious creed (including religious dress and grooming practices), national origin (including certain language use restrictions), ancestry, disability (mental and physical including HIV and AIDS), medical condition (including cancer and genetic characteristics), genetic information, marital status, age, sex (which includes pregnancy, childbirth, breastfeeding and related medical conditions), gender, gender identity, gender expression, sexual orientation, genetic information, and military and veteran status or any other applicable legally protected status. We will also provide reasonable accommodation to known physical or mental limitations of an otherwise qualified caregiver or applicant for employment, unless the accommodation would impose undue hardship on the operation of our business.

We are a community where all people, regardless of differences, are welcome, secure, and valued. We value respect, appreciation, collaboration, diversity, and a shared commitment to serving our communities. We expect that all workforce members in our community will act in ways which reflect a commitment to and accountability for, racial and social justice and equality in the workplace. As such, we will maintain a workplace free of discrimination and harassment based on any applicable legally protected status. We also expect that all workforce members will maintain a positive workplace free from any unacceptable conduct which creates an intimidating, hostile, or offensive work environment.

Requsition ID: 173330
Company: Providence Jobs
Job Category: Development/Engineering
Job Function: Information Technology
Job Schedule: Full time
Job Shift: Day
Career Track: Business Professional
Department: 4007 SS INN DIG PRODUCT 2
Address: WA Seattle 800 Fifth Ave
Pay Range: $91.06 - $155.04
The amounts listed are the base pay range; additional compensation may be available for this role, such as shift differentials, standby/on-call, overtime, premiums, extra shift incentives, or bonus opportunities.
Check out our benefits page for more information about our Benefits and Rewards.

Providence is proud to be an Equal Opportunity Employer. Providence does not discriminate on the basis of race, color, gender, disability, veteran, military status, religion, age, creed, national origin, sexual identity or expression, sexual orientation, marital status, genetic information, or any other basis prohibited by local, state, or federal law.