DevSecOps Engineer

About Provation:

Provation is a leading provider of healthcare software and SaaS solutions for clinical productivity, care coordination, quality reporting, and billing. Our purpose is to empower providers to deliver quality healthcare for all. Provation's comprehensive portfolio spans the entire patient encounter, from pre-procedure through post-procedure, with solutions for physician and nursing documentation (Provation® MD, Provation® Apex, MD-Reports, Provation® endoPRO®, and Provation® MultiCaregiver), anesthesia documentation (#1 Best in KLAS Provation® iPro), patient engagement, surgical care coordination, quality reporting, and billing capture (Provation® SurgicalValet™), order set and care plan management (Provation® Order Set Advisor™ and Provation® Care Plans), and EHR embedded clinical documentation (Provation® Clinic Note). Provation has a loyal customer base, serving more than 5,000 hospitals, surgery centers, and medical offices, and 700 physician groups globally, including 19 of the top 20 U.S. hospitals. In 2021, Provation was acquired by Fortive Corporation, a Fortune 1000 company that builds essential technology and accelerates transformation in high-impact fields like workplace safety, engineering, and healthcare. For more information about our solutions, visit provationmedical.com and follow us on Twitter, Facebook, and LinkedIn.

Our purpose at Provation is to empower providers to deliver quality healthcare for all. To deliver on this commitment, we're guided by our core values -

Provation has a culture of CARES:

Community - We have a shared sense of improving healthcare, enriching the broader world we live in and serve.

Accountability - We own it and get it done with integrity.

Respect - We build diverse teams that collaborate and communicate with positive intent and trust.

Excellence - We welcome new ideas as we innovate quality solutions.

Service - We are passionate about putting customers first.

Description:

As a DevSecOps Engineer, reporting directly to the Information Security Manager, you will play a crucial role in developing and maintaining secure development life cycle (SDLC) practices and assisting with internal corporate security responsibilities. You will focus on automating tasks related to security, system hardening, vulnerability and penetration testing, and CI/CD deployment. You will also be responsible for analyzing and managing security events, assisting in security and compliance audits, and creating comprehensive dashboards and reports to monitor the security status of the operational environment.

Duties & Responsibilities:

• Responsible for helping build and maintain secure SDLC practices with a code first mentality in efforts towards continuous improvement that meet evolving security and compliance requirements.
• Self-motivated for opportunities to automate tasks pertaining to container security, hardening, baselining, vulnerability scanning, vulnerability scanning, pen testing, and CI/CD.
• Analyze, triage, and manage incoming security events based on various data points, log sources and network statistics and perform on-call duties.
• Assist the Security & Compliance team during audits and proactively identify methods for automation of evidence collection.
• Build and maintain holistic dashboards and automated reports to display the overall status of our secured environments for internal and external audiences.
• Provide expertise in and oversee corporate IT security tooling and initiatives.
• Partner and collaborate with Legal and Technical Sales teams to provide cybersecurity feedback on security agreements, questionnaires, and periodically participate in security-focused customer calls.
• Other duties and projects as assigned.

Qualifications:

Education & Experience

• Associate degree in a Computer Science, or related field, and two years' experience with IT security operations, or equivalent combination of education and experience.
• Experience with DevOps, and familiarity with security standards and compliance frameworks including ISO 27001, SOC, HIPAA, HITRUST, NIST, FedRAMP, etc.
• Must have (or willingness to obtain) industry standard security certifications (e.g. Security+, CEH, CISSP).
• Willingness to learn new technologies and work in a fast paced, growing and rapidly changing environment.

Other Knowledge, Skills, Abilities:

• Experience with Azure and/or AWS.
• Familiarity with SAST and DAST tooling, vulnerability scanners, and remediation of findings.
• Knowledge of security incident response procedures.
• Strong communication skills to effectively communicate risks and integrate security practices seamlessly into development and operational processes.

Fortive Corporation Overview:

Fortive Corporation Overview

Fortive's essential technology makes the world stronger, safer, and smarter. We accelerate transformation across a broad range of applications including environmental, health and safety compliance, industrial condition monitoring, next-generation product design, and healthcare safety solutions.

We are a global industrial technology innovator with a startup spirit. Our forward-looking companies lead the way in software-powered workflow solutions, data-driven intelligence, AI-powered automation, and other disruptive technologies. We're a force for progress, working alongside our customers and partners to solve challenges on a global scale, from workplace safety in the most demanding conditions to groundbreaking sustainability solutions.

We are a diverse team 18,000 strong, united by a dynamic, inclusive culture and energized by limitless learning and growth. We use the proven Fortive Business System (FBS) to accelerate our positive impact.

At Fortive, we believe in you. We believe in your potential-your ability to learn, grow, and make a difference.

At Fortive, we believe in us. We believe in the power of people working together to solve problems no one could solve alone.

At Fortive, we believe in growth. We're honest about what's working and what isn't, and we never stop improving and innovating.

Fortive: For you, for us, for growth.

Ready to move your career forward? Find out more at careers.fortive.com.

EEO Statement:

We Are an Equal Opportunity Employer

Fortive Corporation and all Fortive Companies are proud to be equal opportunity employers. We value and encourage diversity and solicit applications from all qualified applicants without regard to race, color, national origin, religion, sex, age, marital status, disability, veteran status, sexual orientation, gender identity or expression, or other characteristics protected by law. Fortive and all Fortive Companies are also committed to providing reasonable accommodations for applicants with disabilities. Individuals who need a reasonable accommodation because of a disability for any part of the employment process should ask to speak with a Human Resources representative to request an accommodation.