Emerging Health Information Technology is a wholly owned subsidiary of Montefiore Medical Center. Emerging Health IT, a healthcare IT consulting and professional services company, is a dynamic organization that provides hospitals and medical centers with world-class healthcare information solutions. We provide an exciting, fast-paced environment in which dedication and innovation are rewarded and where individuals can make a difference in the lives of patients. Join us in our mission to improve the quality of healthcare through advanced IT solutions! Emerging Health IT is located in Yonkers, NY.
Concise Description of Position:
Responsible for the Patient Portal Security testing, penetration and vulnerability testing. This position requires hands on experience with secure coding practices, ethical hacking, web application firewalls and vulnerability assessment methodologies. In the role of Information Security Engineer, the candidate will also be responsible for designing, developing, and implementing high-quality dynamic websites and maintain the current web site security functions in the utilized patient portal enterprise system. The Security Engineer does all the security design, development and testing for the corporate enterprise portals.
Duties and Responsibilities:
Domain expert in the application scanning tools to assess web applications for security risks
Oversee installation and maintenance of Patient portal in the DMZ
Translate business and technical requirements into extensible, scalable, and maintainable applications
Protect mission critical applications and corresponding databases in the public domain
Work with state-of-the-art application/database layer intrusion/prevention technology
Monitor threats and provide mitigation when threats for the enterprise portals
As new portals are deployed, add any additional security permissions and roles that may be needed.
Update any additional security settings for the enterprise Portals
Work with Vendor for implementation of enterprise Portals
Monitor alerts and coordinate patch management with corresponding teams
Demonstrate best-practice knowledge and apply skills to deliver an effective solution specific to client needs
Provide front-end development and build web interfaces.
Provide DMZ application security.
Knowledge of hospital information systems is a plus.
Ability to work effectively as an individual, within a team, or as a team lead
Maintain current technical knowledge to support rapidly changing technology, always on a look out for new technologies and work with management and development team in bringing new technologies
Qualifications: BS in computer science or equivalent work experience
CISSP, #net, Java preferred
Experience with an application/database layer intrusion detection/ prevention appliance
Experience with ethical hacking and remediation efforts
Knowledge of secure coding principles and practices
Expertise in application security assessment methodologies and tools
Knowledge in optimizing Web Application Firewall
Knowledge of security standards and techniques for web applications
Understand browser-specific compatibility issues
Expertise in the design, implementation, and deployment of user-centric software, with focus on usability
Excellent Database Design knowledge / experience
Experience with XML, Web Services and/or any object oriented programming language
Significant GUI development experience