Would you like to join Practice Fusion, an Allscripts company, as we work together to reshape the future of healthcare? We are on a mission to help small, independent practices thrive by offering best-in-class, affordable products that allow them to focus on what matters most – caring for their patients.
Practice Fusion is a leader in the electronic health record space with over 80 million patients served by doctors using our platform. Our award-winning, cloud based ambulatory EHR platform helps physicians thrive in an increasingly complex world by coordinating patient care.
Join our growing team, as we are an enthusiastic and committed partner dedicated to connecting doctors, patients, and data to drive better health and save lives.
Would you like to join a company whose mission is to save lives? Practice Fusion is a leader in the electronic health record space with 112,000 active practices and over 80 million patients served by doctors using our platform. Join the team growing yearly in users and revenue while consistently aligning our efforts to our mission: connect doctors, patients and data to drive better health and save lives.
You will be responsible for a broad range of environments, systems, and security solutions including ongoing collaboration with our DevOps and Engineering teams to optimize and harden our ephemeral infrastructure and ship secure code. You have a passion for security. You love to design and build tools to automate. You strive to improve yourself and those around you. You want to make a difference in people’s lives.
To be blunt, if the DevSecOps turns your crank and you want to be part of an amazing team supporting a noble mission to transform healthcare in the US, then this is the place for you. Practice Fusion has been independently named the 4th largest EHR in the US and the largest cloud based EHR in the country. We take the responsibility of securing healthcare data very seriously, and are looking for a team player to help us raise our game even further.
OS and Application hardening
Work with our DevOps team to create and deploy hardened Linux and Windows systems via Chef and CloudFormation.
Document environmental standards as compared to CIS benchmarks.
Develop InSpec tests to achieve compliance as code is integrated into the Jenkins infrastructure provisioning pipeline.
Perform network and system vulnerability security scans using open source and commercial tools.
Be accountable for system and device patch compliance for modern, ephemeral AWS instances.
Create or augment vulnerability management procedures to prioritize efforts and minimize risk to the organization.
Periodically audit configurations, roles and permissions to ensure that minimum necessary access is provided.
Review and enforce AWS Security best practices, especially in the areas of IAM roles, Network Access Controls and Key Management.
Help evaluate and implement new security technologies.
Drive the design and development of security capabilities and requirements.
Work closely with senior leadership teams in a collaborative environment to improve the current security framework and educate employees.
Suggest and introduce new methodologies for improving security.
Mentor other members of the team through collaboration and knowledge sharing.
Be a senior technical contributor of the security team.
Provide technical security expertise to IT, Engineering and business units on an as-needed basis.
Understanding and aptitude for endpoint security, log management, vulnerability scanning, IDS/IPS management. We need you to drive our Splunk standards and optimizations.
Know OWASP top 10 security risks and be able to describe how to attack and defend them.
Proficient in one or more programming languages; C#, Java, or Ruby a plus.
Strong knowledge of networking, encryption protocols, and modern ciphers.
Experience with vulnerability management tools, such as Nexpose.
Experience with endpoint security to mentor and coach junior security team members.
Experience managing SIEM solutions (e.g. Splunk).
Experience working with network security controls (Routers, Firewalls, Proxies, ACL’s, Wireless networking protocols).
Expertise with authentication and authorization technologies.
Capable of analyzing, creating, and maintaining security requirements.
Love of automation in a heterogeneous environment. Powershell and Python are your friends.
Strong written and oral communication skills. Comfortable interacting with Executive Team.
Bachelors Degree or equivalent work experience.
[Bonus] Experience with healthcare privacy and security requirements.
At Allscripts, our greatest strength comes from bringing together talented people with diverse perspectives to support the technology needs of 180,000 physicians, 1,500 hospitals and 10,000 post-acute organizations across the globe. Allscripts offers a comprehensive compensation and benefits package, including holidays, vacation, medical, dental, and vision insurance, company paid life insurance and retirement savings.
Allscripts policy is to provide equal employment opportunity and affirmative action in all of its employment practices without regard to race, color, religion, sex, national origin, ancestry, marital status, protected veteran status, age, individuals with disabilities, sexual orientation or gender identity or expression or any other legally protected category. Applicants for North American based positions with Allscripts must be legally authorized to work in the United States or Canada. Verification of employment eligibility will be required as a condition of hire.
From a "VEVRAA Federal Contractor" We request Priority Referral of Protected Veterans