Principal Information Security Engineer

Less than 5 years experience  • 

Salary depends on experience
Posted on 03/27/18
Less than 5 years experience
Salary depends on experience
Posted on 03/27/18

Description

 Company Summary: 

Join a Fortune 300® company in the growing healthcare industry and help to secure the software solutions for their largest technology division. Henry Schein Practice Solutions, a subsidiary of New York-based Henry Schein, Inc., develops practice management software and electronic services that help dental practices run their businesses. Our solutions lead the market in technology advances and market share, and include product leaders such as Dentrix, Dentrix Enterprise, and Dentrix Ascend (cloud-based). Our customers include many of the dental industries’ highest profile constituents, including the U.S. Department of Defense. 

 

Based in American Fork, Utah, Henry Schein Practice Solutions is committed to providing our team members with the tools, training, and technology they need to excel in their roles. Our dedication to giving back to our community is illustrated in the state-of-the-art, volunteer-staffed dental center located on the first floor of our building, which provides free dental care to those in need.

 

Our parent company, Henry Schein, Inc. is the world's largest provider of health care products and services to office-based dental, medical, and animal health practitioners. A Fortune 300® Company and a member of the S&P 500® and NASDAQ 100® Indices, Henry Schein employs over 20,000 Team Schein Members throughout the world and serves more than one million customers. The Company's sales reached a record $11.6 billion in 2016. Henry Schein has also been recognized by Ethisphere for six consecutive years as the “World’s Most Ethical Company” in the Healthcare Products category, underscoring the company's longstanding commitment to leading ethical business standards and practices.

 

Job Description:

 

This position is responsible for leading department-wide focus on the strategy, development, implementation, and maintenance of the application security program across research, development, quality assurance, support, and IT systems. This is a high level, conceptual, as well as hands-on position that requires a great deal of general securityexperience, as well as application development experience and secure coding knowledge.

Mentor more junior engineers by leading and influencing technical decisions, processes, and best practices with an expert ability to explain technical concepts in written and verbal forms

  • Advise in, and participate in, the design of secure products and architectures
  • Perform architecturesecurity reviews, security focused code reviews, and security testing
  • Create or approve documentation that codifies the application security program: this will include the development of secure coding policies, procedures and standards, modification of the SDLC to include the necessary security checkpoints, product deployment, and code review methodologies
  • Evaluate potential security related issues and make recommendations on third party tools and components
  • Work closely with engineering and product teams to design and implement security-related systems and functionality, including writing secure code as necessary, and verification of threat models, risk and security posture
  • Monitor software usage and perform forensics to verify that the software and infrastructure is performing to the requiredsecurity standards
  • Perform constant monitoring and awareness of key developments in the area of systems, web application, and client application security in order to provide direction of security trends, and anticipate emerging standards and best practices
  • Provide leadership, guidance and direction to security resources and be an influencer of development, systems, support, and quality assurance teams
  • Participate in public security projects and or volunteer time and knowledge to improve the broader security community, representing the company’s mission and goals, as well as promoting cooperation and knowledge sharing
  • Communicate to senior management by demonstrating an expert skill in presenting technical concepts
  • Attend all meetings necessary for the seamless delivery of the product as part of the Software Development Life Cycle

 

 

Qualifications

 

Knowledge:

Seasoned, experienced technical expert level professional possessing and applying comprehensive knowledge of a particular field of specialization to complete work assignments.   Assignments are broad in nature and need ingenuity and originality to solve.  Require daily decision making capabilities and actions that are not reviewed by supervisor.  Operate with substantial latitude for un-reviewed action or decision.  Often play a role in high-level projects that have an impact on the company’s future direction.  Barriers to entry can exist at this level.


Job Complexity:
Work on significant issues where analysis of situations or data requires an evaluation of intangibles. Exercise independent judgment in methods, techniques and evaluation criteria for obtaining results. Create formal networks involving coordination among groups.
Supervision:
Work on significant issues where analysis of situations or data requires an evaluation of intangibles. Exercise independent judgment in methods, techniques and evaluation criteria for obtaining results. Create formal networks involving coordination among groups.
Work Experience:
Work on significant issues where analysis of situations or data requires an evaluation of intangibles. Exercise independent judgment in methods, techniques and evaluation criteria for obtaining results. Create formal networks involving coordination among groups.
Preferred Experience:
Bachelor's Degree or global equivalent in related discipline.  Master's degree or global equivalent a plus.  Typically holds 2 or more industry certifications.
General Skills & Competencies:
Actively engage using unique wide-range of professional skills with an expert understanding of industry practices and company policies and procedures

  • Excellent planning/ organizational skills and techniques
  • Excellent analysis and problem solving skills
  • Excellent writing, presentation and communication skills
  • Excellent conflict resolution skills
  • Excellent independent decision making skills
  • Excellent Interpersonal skills
  • Professional maturity in delivering difficult messages in a professional and empathetic manner
  • Excellent negotiating skills
  • Act as a resource and/or mentor for colleagues with less experience; may direct the work of other staff members
  • Ability to manage a budget
  • Project management/ consultative skills
  • Expert in multiple technical and business skills
  • Ability to cultivate and develop lasting customer relations (either internal or external)

Specific Knowledge & Skills:

Excellent knowledge of secure application programming, coding life cycles and designs

  • Excellent understanding of security principles, best practices architectures, tools and processes

  • Advanced knowledge of multiple current operating systems and hosting environments

  • Advanced understanding of networking protocols

  • Excellent knowledge of software and networkarchitecture and standards

  • Excellent knowledge of authentication protocol building blocks and methods

  • Advanced ability to understand business drivers and priorities, and integrate these requirements into overall securitydesign

  • Excellent ability to conduct threat assessments and assess risk

  • Excellent ability to create and maintain risk-based measures and build security processes that work within various development methodologies

  • Excellent ability to communicate security objectives orally and in writing to a variety of audiences

  • Advanced knowledge of the technological security issues and challenges faced by corporations and governments around the world

  • Advanced ability to project and predict outcomes based on security trends and industry requirements

  • Excellent knowledge of reverse engineering techniques and tools

  • Excellent ability to implement code derived from technical specifications

  • Excellent ability to problem solve/diagnose in a technical space

  • Advanced knowledge of all programming languages leverage in the products being secured

  • Advanced knowledge of data storage formats, tools and languages     

  • Travel/Physical Demands:  
    • Travel typically 5% to 20%.
    • Office environment. No special physical demands required. 

    R101877

Not the right job?
Join Ladders to find it.
With a free Ladders account, you can find the best jobs for you and be found by over 20,0000 recruiters.