Director, Software Security @ Practice Fusion

Who we are:

Practice Fusion connects doctors, patients and data to drive better health and save lives. With over 80 million patients served by doctors using Practice Fusion’s free cloud-based health records, Practice Fusion is the country’s largest patient-physician community.

The role:

Practice Fusion is hiring a Director, Software Security to lead security functions throughout the organization. If you live and breathe secure coding and security infrastructure while engaging with a dynamic team, this is the career opportunity for you.

The Director, Software Security oversees all information security efforts across the company. The core areas of focus include reinforcing the Secure SDLC for Engineering and Product teams, leading the charge in enhancing infrastructure security using infrastructure as code paradigm. They will also provide expert level guidance on design and architecture and lead all efforts on risk management, compliance and incident response. This role manages a small security team and reports to the SVP of Technical Operations. We’re looking for an information security director who has a background in web development, SaaS security consulting or website penetration testing, with experience in the healthcare of health-tech space.

Our ideal candidate:

• Lead efforts on threat modeling, secure code reviews (.NET, Java, Ruby), and coordinate with Software Engineering teams on secure SDLC initiatives

• Has deep technical understanding of security vulnerabilities and risks, as well as countermeasures and compensating controls
• Brings a minimum 8-10 yrs professional experience in IT, including knowledge and understanding in the areas of Software Development Life Cycle (SDLC), IT Operations, Data Center Operations, IT Project Management and IT auditing/compliance.
• Can utilize 5+ years of practical experience designing and implementing enterprise information technology security.
• Has strong demonstrated knowledge of network, server, desktop, storage and database infrastructure and how security relates to the overall IT and business environment.
• Is able to prepare and present information effectively, clearly and concisely.
• Can consult with business owners regarding their information security risks and responsibility in minimizing those risks
• Leads detailed infrastructure audits and security reviews.
• Provides secure practice guidance for cloud computing.
• Is able to lead large compliance initiatives for the organization (HITRUST, SSAE16, ISO).

Bonus points for:

• Previous experience with hands-on software development.
• Previous information security experience with penetration testing.
• Bachelor’s Degree in Computer Science, Information Systems, Business or related field or equivalent work experience; MSIA - ideal , or related graduate level degree.

All candidates for this position must have a successful outcome to a mandatory background audit required by company.

What we can offer you:

• Competitive health benefits
• 401(k), company bonus & equity
• Generous vacation & holidays
• Dog friendly office
• Mentorship programs
• Quarterly team events
• Yoga & meditation on-site