Expert Security Engineer

Expert Security Engineer Location: US, Canada (Remote) Employment Type: Full-time About Altera Altera, a member of the N. Harris Computer Corporation family, delivers health IT solutions that support caregivers around the world. These include the Sunrise, Paragon Daneli, TouchWorks EHR, Altera Opal, Ventus, HealthQuest and dbMotion solutions. At the intersection of technology and the human experience, Altera Digital Health is driving a new era of healthcare, in which innovation and expertise can elevate care delivery and inspire healthier communities across the globe. A new age in healthcare technology has just begun. Position Summary As an Expert Security Engineer at Altera, you will be at the forefront of our proactive security efforts, specializing in ethical hacking and penetration testing. This role is critical for actively identifying and exploiting vulnerabilities across our applications, infrastructure, and cloud environments. We are seeking a highly skilled individual with a deep understanding of application architecture and security controls, capable of independently uncovering security flaws and articulating complex findings to diverse audiences. Key Responsibilities Ethical Hacking & Penetration Testing: Lead and execute advanced penetration tests and ethical hacking engagements against Altera's critical systems, applications, and networks to identify and exploit security weaknesses. Application Security Expertise: Conduct in-depth security reviews of applications, with a strong focus on understanding how they are built (e.g., Java-based applications) to uncover design flaws, coding vulnerabilities, and misconfigurations. Vulnerability Identification & Exploitation: Independently identify, analyze, and validate security vulnerabilities with high fidelity, demonstrating the ability to exploit them to assess potential impact. Tool Proficiency: Leverage and master industry-standard penetration testing tools. Reporting & Communication: Clearly articulate complex technical findings, security risks, and actionable remediation strategies through comprehensive written reports and compelling presentations to both technical teams and non-technical stakeholders, including customers. Consultation & Guidance: Provide expert consultation to development, operational, and other business units on secure design principles, application of security best practices, and the effective use of advanced security technologies. Threat Intelligence: Maintain heightened awareness of current security vulnerabilities, attack vectors, and mitigation techniques, proactively communicating relevant findings and recommendations. Role Requirements Total Years of Experience: 5 years of progressive experience in cybersecurity, with a minimum of 3 years dedicated to ethical hacking, penetration testing, and application security. Mandatory Skills: Proven expertise in ethical hacking and penetration testing methodologies, including network, web application, API, and cloud penetration testing. Deep understanding of application security principles, secure coding practices, and common vulnerabilities (e.g., OWASP Top 10, SANS Top 25). Expert-level proficiency with penetration testing tools. Strong understanding of application architecture and development. Demonstrated ability to independently identify, validate, and exploit security vulnerabilities with high fidelity. Exceptional verbal and written communication skills, with the ability to clearly articulate complex technical findings, risks, and remediation strategies to diverse audiences. Strong presentation skills, capable of conveying security insights and recommendations effectively to customers and internal stakeholders. Experience with cloud security assessments (e.g., Microsoft Azure Security). Familiarity with various security technologies (e.g., EDR, IDS/IPS, Firewalls, SIEM, Vulnerability Management tools) from an attacker's perspective. Good to Have/Preferred Skills: Experience with scripting languages (e.g., Python, PowerShell) for automation and custom tool development. Relevant offensive security certifications such as OSCP, OSWE, GPEN, GWAPT, or other advanced GIAC certifications. Industry-recognized certifications like CISSP, CompTIA Security+, or CySA+. Expert knowledge of Linux and Windows operating systems. Experience in security engineering, operations, and design best practices. Bachelor's degree in computer science, Cybersecurity, Information Technology, or a related technical field. Salary range $100,000 - $120,000 USD Harris provides mission critical software solutions for the Public Sector, Healthcare, Utilities and Private Sector verticals throughout North America, Europe, Asia and Australia. Working for Harris is the perfect opportunity to fulfill your professional goals as well as achieve your personal dreams! Our employees enjoy a casual work environment that offers comfort while providing superior service to our customers. We offer a comprehensive benefit package as well as other additional Perks! We empower our employees to make a difference We have an award winning culture We offer opportunity to learn We are financially strong and we are owned by the largest software company in Canada (CSI) We have fun! Follow us on social media to learn more about our company values, culture and initiatives! Harris is an Equal Opportunity/Affirmative Action Employer. We consider applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, or membership in any other group protected by federal, state or local law. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact us at (1)-... or at ... This contact information is for accommodation requests only and cannot be used to inquire about the status of applications. Our commitment to fair and equitable hiring. As part of our recruitment process, we use artificial intelligence (AI) tools during the initial screening phase to help identify candidates whose qualifications most closely align with the requirements of the role. This technology supports efficiency and consistency in the early stages, but it never replaces human judgement. All subsequent evaluations and final hiring decisions are made by our recruitment professionals. AI does not make final hiring decisions.