Principal Application Security Architect

**About Providence**

Providence, one of the US’s largest not-for-profit healthcare systems, is committed to high quality, compassionate healthcare for all. Driven by the belief that health is a human right and the vision, ‘Health for a better world’, Providence and its 121,000 caregivers strive to provide everyone access to affordable quality care and services.

Providence has a network of 51 hospitals, 1,000+ care clinics, senior services, supportive housing, and other health and educational services in the US.

Providence India is bringing to fruition the transformational shift of the healthcare ecosystem to Health 2.0. The India center will have focused efforts around healthcare technology and innovation, and play a vital role in driving digital transformation of health systems for improved patient outcomes and experiences, caregiver efficiency, and running the business of Providence at scale.

**Why Us?**
- Best In-class Benefits
- Inclusive Leadership
- Reimagining Healthcare
- Competitive Pay
- Supportive Reporting Relation

Cybersecurity at Providence is responsible for appropriately protecting all information relating to its caregivers and affiliates, as well as protecting its confidential business information (including information relating to its caregivers, affiliates, and patients)

**What will you be responsible for?**
- Driving code security reviews and false positive analysis and shares best practices across the team.
- Identify scope for implementing security best practices and implement process workflows that strengthen the overall security posture.
- Troubleshoot, debug, and optimize security code remediation methods and stay ahead of with industry trends and emerging technologies related to secure code practices.

**What would your work week look like?**
- Collaborate with cross-functional developer teams and engage in code scanning activities within Providence code repositories (ADO and GitHub)
- Propagate and educate developer teams about secure coding practices and assist in remediating code vulnerabilities identified in the scan.
- Identify and implement secure coding practices that aligns with industry standard frameworks such as NIST, CIS and Providence information security policies etc.
- Set-up regular meeting with stakeholders to show progress of software security scans and code vulnerabilities trends.
- Clearly communicate roadmap, backlog, and team updates across the organization.

**Who are we looking for?**
- Bachelor’s degree in related filed, to include computer science, cyber security or equivalent combination of education and experience.
- 10 years of relevant post-qualification experience, with at least 3 years of proven experience in Application security testing, code scanning techniques, software security analysis and software code vulnerability remediation.
- Solid understanding of Static Software Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA) and Code Security best practices.
- Hands-on experience in DAST, SAST, SCA vulnerabilities remediation and reporting with any industry leading toolset.
- Solid understanding in CI/CD pipelines and configuration of pipelines using GitHub actions or ADO pipelines or any automated method to perform code security scans in the code build process.
- Good understanding in implementing DevOps security best practices while building solutions.
- Solid understanding of API integrations, code testing, integration testing and UAT testing methods.
- Scripting or programming understanding with Shell scripting, Power Shell, Python, KQL etc.

Providence’s vision to create ‘Health for a Better World’ aids us to provide a fair and equitable workplace for all in our employment, whether temporary, part-time or full time, and to promote individuality and diversity of thought and background, and acknowledge its role in the organization’s success. This makes us committed towards equal employment opportunities, regardless of race, religion or belief, color, ancestry, disability, marital status, gender, sexual orientation, age, nationality, ethnic origin, pregnancy, or related needs, mental or sensory disability, HIV Status, or any other category protected by applicable law. In furtherance to our mission in building a more inclusive and equitable environment, we shall, from time to time, undertake programs to assist, uplift and empower underrepresented groups including but not limited to Women, PWD (Persons with Disabilities), LGTBQ+ (Lesbian, Gay, Transgender, Bisexual or Queer), Veterans and others. We strive to address all forms of discrimination or harassment and provide a safe and confidential process to report any misconduct.

Contact our Integrity hotline also, read our Code of Conduct.