Penetration Tester- Sr Security Engineer at Allscripts in Raleigh, North Carolina

Job Description:

Welcome to Veradigm! Our Mission is to be the most trusted provider of innovative solutions that empower all stakeholders across the healthcare continuum to deliver world-class outcomes. Our Vision is a Connected Community of Health that spans continents and borders. With the largest community of clients in healthcare, Veradigm is able to deliver an integrated platform of clinical, financial, connectivity and information solutions to facilitate enhanced collaboration and exchange of critical patient information.

REMOTE Position

Job Summary:

The Senior Security Engineer's primary role is to lead the development and continuous improvement of our internal penetration testing program. Responsibilities will include performing detailed security assessments on a variety of applications to identify vulnerabilities and offer solutions. You will also conduct simulated attacks to test our defenses and stay updated with the latest security threats and countermeasures. This role will also extend to participating in incident response activities by supporting forensic analyses of systems and log data. Ideal candidates will demonstrate an offensive mindset with the ability to recommend practical mitigation strategies and solutions.

What you will contribute:

• Establish internal penetration testing program to include underlying testing frameworks and methodologies.
• Ensure continuous improvement and integration of new technologies and practices.
• Perform comprehensive security assessments of web, mobile, and desktop applications to identify vulnerabilities and provide actionable remediation guidance.
• Conduct simulated attacks on our network, applications, and other IT resources to evaluate our defenses and incident response capabilities.
• Stay updated with the latest security threats, vulnerabilities, and mitigation techniques.
• Develop custom tools and scripts to automate and enhance security testing efforts.
• Prepare detailed reports on findings and remediation strategies. Present findings to technical and non-technical stakeholders with analysis of impact and likelihood of exploitation.
• Provide detailed recommendations and guidance for remediating vulnerabilities.
• Responsible for developing and monitoring Key Performance Indicators (KPIs) to assess the effectiveness, efficiency, and impact of the penetration testing program, ensuring continuous improvement in identifying and mitigating security vulnerabilities.

• Participate in the incident response lifecycle as a secondary responsibility and potentially initiate incident response protocols.
• Assist with conducting forensic investigations to understand the source and impact of security breaches.

The ideal candidate will have:

• Bachelor's Degree or equivalent Technical / Business experience Required
• 4-7 years relevant work experience Preferred
• 3+ years in a comparable security role Required
• CISSP, OSCP, OSCE, CEH, or other relevant certifications are highly desirable.
• Ability to navigate through compliance requirements and understand their impact on security assessments.
• Expertise in penetration testing tools and methodologies, including both manual and automated testing techniques.
• Strong understanding of network protocols, cryptography, OWASP top 10, and common attack vectors.

• Mastery of tools such as Metasploit, Burp Suite, Wireshark, Nmap, and others.
• Proficient in performing penetration tests on web applications, networks, and systems for both cloud (AWS and Azure) and on-premise environments.
• Knowledge of scripting and programming languages like Python, Bash, or Perl to automate tasks and write custom exploits.

• Excellent verbal and written communication skills. Ability to explain complex security issues and risks to non-technical stakeholders.
• Strong analytical and problem-solving skills with the ability to think like both an attacker and a defender.

#LI-TS1

Enhancing Lives and Building Careers

Veradigm believes in empowering our associates with the tools and flexibility to bring the best version of themselves to work and to further their professional development. Together, we are In the Network. Interested in learning more?

Take a look at our Culture, Benefits, Early Talent Program, and Additional Openings.

We strongly advocate that our associates receive all CDC recommended vaccinations in prevention of COVID-19.

Visa Sponsorship is not offered for this position.

Veradigm policy is to provide equal employment opportunity and affirmative action in all of its employment practices without regard to race, color, religion, sex, national origin, ancestry, marital status, protected veteran status, age, individuals with disabilities, sexual orientation or gender identity or expression or any other legally protected category. Applicants for North American based positions with Veradigm must be legally authorized to work in the United States. Verification of employment eligibility will be required as a condition of hire. Veradigm is proud to be an equal opportunity workplace dedicated to pursuing and hiring a diverse and inclusive workforce.

From a "VEVRAA Federal Contractor" We request Priority Referral of Protected Veterans

This is an official Veradigm Job posting. To avoid identity theft, please only consider applying to jobs posted on our official corporate site.

Thank you for reviewing this Veradigm opportunity!

PI240174493