Software Security Leader (OPEN)

Description

The Software Security Leader is an individual responsible for ensuring OpenMRS Community-supported software is secure by determining security requirements; overseeing planning, implementing, and testing of security; defining community security policies & conventions; and, mentoring community developers in security best practices.

Requirements

• Dedication to OpenMRS mission, vision, and values

• Detailed technical knowledge of techniques, standards, and state-of-the-art approaches to security vulnerabilities and remediation

• Strong skills and experience in software security best practices, including Java and JavaScript

• Good communication skills and ability to work well with people of different cultures

• Enough available, dedicated time to fulfill responsibilities

Responsibilities

• Software Security

  • Define policies for handling security issues within the OpenMRS Developer Community

  • Oversee community volunteers in planning, implementing, and testing of security

  • Contribute to all levels of the architecture (e.g., Core API, Platform, Reference Application, and Modules)

• Advocating security best practices and finding ways to promote these through community culture and tooling

  • Including security tips in documentation

  • Getting developers thinking about security during sprints

  • Embedding best practices in SDK and reference software

  • Promoting strong security practices in OpenMRS APIs & software libraries

• Mentoring community developers in security best practices and organizing volunteers interested in helping with security-related issues

• Develop familiarity on new tools and best practices

• Reporting on security status to the community and to other leaders within the community

• Defining goals for security

  • Appropriate logging and notification of security issues

  • Response time to security issues