Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.

User Profile


The Software Security Leader is an individual responsible for ensuring OpenMRS Community-supported software is secure by determining security requirements; overseeing planning, implementing, and testing of security; defining community security policies & conventions; and, mentoring community developers in security best practices.


  • Dedication to OpenMRS mission, vision, and values
  • Detailed technical knowledge of techniques, standards, and state-of-the-art approaches to security vulnerabilities and remediation
  • Strong skills and experience in software security best practices, including Java and JavaScript
  • Good communication skills and ability to work well with people of different cultures
  • Enough available, dedicated time to fulfill responsibilities


  • Software Security
    • Define policies for handling security issues within the OpenMRS Developer Community
    • Oversee community volunteers in planning, implementing, and testing of security
    • Contribute to all levels of the architecture (e.g., Core API, Platform, Reference Application, and Modules)
  • Advocating security best practices and finding ways to promote these through community culture and tooling
    • Including security tips in documentation
    • Getting developers thinking about security during sprints
    • Embedding best practices in SDK and reference software
    • Promoting strong security practices in OpenMRS APIs & software libraries
  • Mentoring community developers in security best practices and organizing volunteers interested in helping with security-related issues
  • Develop familiarity on new tools and best practices
  • Reporting on security status to the community and to other leaders within the community
  • Defining goals for security
    • Appropriate logging and notification of security issues
    • Response time to security issues