Job Description

How is this Team contributing to the vision of Providence:Cybersecurity at Providence is responsible for appropriately protecting all information relating to its caregivers and affiliates, as well as protecting its confidential business information (including information relating to its caregivers, affiliates, and patients)What will you be responsible for?

• Responsible for driving software security and code security practices that meets Providence software security policies to ensure Providence developed application code is secure and code vulnerabilities are remediated.
• Driving code security reviews and false positive analysis and shares best practices across the team.
• Identify scope for implementing security best practices and implement process workflows that strengthen the overall security posture.
• Participate in all aspects of agile software development, including design, implementation, and deployment to include code security aspects wherever needed in the application building phase.
• Troubleshoot, debug, and optimize security code remediation methods and stay ahead of with industry trends and emerging technologies related to secure code practices.

What would your day look like?

• Collaborate with cross-functional developer teams and engage in code scanning activities within Providence code repositories (ADO and GitHub)
• Propagate and educate developer teams about secure coding practices and assist in remediating code vulnerabilities identified in the scan.
• Identify and implement secure coding practices that aligns with industry standard frameworks such as NIST, CIS and Providence information security policies etc.
• Set-up regular meeting with stakeholders to show progress of software security scans and code vulnerabilities trends.
• Clearly communicate roadmap, backlog, and team updates across the organization.

Who are we looking for?

• Bachelor\'s degree in related filed, to include computer science, cyber security or equivalent combination of education and experience.
• 3-5 years of relevant post-qualification experience, with at least 3 years of proven experience in Application security testing, code scanning techniques, software security analysis and software code vulnerability remediation.
• Solid understanding of Static Software Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA) and Code Security best practices.
• Hands-on experience in DAST, SAST, SCA vulnerabilities remediation and reporting with any industry leading toolset.
• Solid understanding in CI/CD pipelines and configuration of pipelines using GitHub actions or ADO pipelines or any automated method to perform code security scans in the code build process.
• Good understanding in implementing DevOps security best practices while building solutions.
• Familiarity with cloud native solutions, application containerization and container orchestration (Docker, Kubernetes), Infrastructure as Code (IaC), helm charts and YAML template configuration.
• Solid understanding of API integrations, code testing, integration testing and UAT testing methods.
• Scripting or programming understanding with Shell scripting, Power Shell, Python, KQL etc.

Providence\xe2\x80\x99s vision to create \xe2\x80\x98Health for a Better World\xe2\x80\x99 aids us to provide a fair and equitable workplace for all in our employment, whether temporary, part-time or full time, and to promote individuality and diversity of thought and background, and acknowledge its role in the organization\xe2\x80\x99s success. This makes us committed towards equal employment opportunities, regardless of race, religion or belief, color, ancestry, disability, marital status, gender, sexual orientation, age, nationality, ethnic origin, pregnancy, or related needs, mental or sensory disability, HIV Status, or any other category protected by applicable law. In furtherance to our mission in building a more inclusive and equitable environment, we shall, from time to time, undertake programs to assist, uplift and empower underrepresented groups including but not limited to Women, PWD (Persons with Disabilities), LGTBQ+ (Lesbian, Gay, Transgender, Bisexual or Queer), Veterans and others. We strive to address all forms of discrimination or harassment and provide a safe and confidential process to report any misconduct.Contact our also, read our .

Providence India