Software Security Leader (OPEN)
The content of this macro can only be viewed by users who have logged in.
Description
The Software Security Leader is an individual responsible for ensuring OpenMRS Community-supported software is secure by determining security requirements; overseeing planning, implementing, and testing of security; defining community security policies & conventions; and, mentoring community developers in security best practices.
Requirements
- Dedication to OpenMRS mission, vision, and values
- Detailed technical knowledge of techniques, standards, and state-of-the-art approaches to security vulnerabilities and remediation
- Strong skills and experience in software security best practices, including Java and JavaScript
- Good communication skills and ability to work well with people of different cultures
- Enough available, dedicated time to fulfill responsibilities
Responsibilities
- Software Security
- Define policies for handling security issues within the OpenMRS Developer Community
- Oversee community volunteers in planning, implementing, and testing of security
- Contribute to all levels of the architecture (e.g., Core API, Platform, Reference Application, and Modules)
- Advocating security best practices and finding ways to promote these through community culture and tooling
- Including security tips in documentation
- Getting developers thinking about security during sprints
- Embedding best practices in SDK and reference software
- Promoting strong security practices in OpenMRS APIs & software libraries
- Mentoring community developers in security best practices and organizing volunteers interested in helping with security-related issues
- Develop familiarity on new tools and best practices
- Reporting on security status to the community and to other leaders within the community
- Defining goals for security
- Appropriate logging and notification of security issues
- Response time to security issues