Apply on Employer Site

Datavant · 13 hours ago

Sr Vulnerability Engineer

United States

Full-time

Remote

Senior Level

$184K/yr - $230K/yr

Datavant is a data platform company and the world’s leader in health data exchange. They are seeking a senior security engineer to build and evolve an engineering-driven vulnerability management program focused on actionable risk signals and automation across various environments.

BiopharmaClinical TrialsData IntegrationHealth CareSoftware

No H1B

Responsibilities

Design, build, and operate an engineering-first vulnerability management capability for Datavant’s applications and infrastructure, with a primary focus on reducing real exploit risk

Build and maintain automation and data pipelines that ingest, normalize, correlate, and prioritize vulnerability signals across multiple sources, treating vendor tools as inputs rather than systems of record

Develop self-service, engineer-facing dashboards and workflows that provide clear prioritization and actionable insight, rather than compliance-only reporting

Partner closely with product and engineering teams to assess vulnerability risk in context, communicate exploitability and impact clearly, and recommend practical remediation or mitigation options

Embed high-confidence vulnerability signals into existing engineering workflows (CI/CD, PRs, backlogs) to drive adoption with minimal friction

Drive vulnerability risk reduction by validating that remediation or compensating controls meaningfully reduce exposure, rather than tracking ticket closure alone

Translate compliance control intent into scalable, low-friction engineering implementations that produce audit-ready evidence through automation

Serve as a technical subject matter expert during FedRAMP and other assessments by validating controls, remediation effectiveness, and technical evidence, without owning manual audit administration

Lead and execute technical projects that advance Datavant’s vulnerability management and application security capabilities

Qualification

Vulnerability managementApplication securityAutomationCloud securityData pipelinesAWSAzureNIST standardsSystems-level thinkingCommunicationTechnical leadershipCollaboration

Required

Deep technical expertise in vulnerability management and application security, with hands-on experience assessing, prioritizing, and reducing vulnerability risk in modern software environments

Strong engineering background with demonstrated ability to design, build, and automate solutions (e.g., data pipelines, integrations, workflows, dashboards) rather than relying on manual or tool-driven processes

Practical experience working across application, cloud, and container security in AWS and/or Azure, including real-world vulnerability assessment in complex or multi-cloud environments

Solid understanding of security controls and assurance goals, with the ability to translate standards such as NIST, CIS, and FedRAMP into low-friction, scalable engineering implementations

Ability to reason clearly about exploitability, exposure, impact, and compensating controls, and to apply that reasoning to prioritize work that meaningfully reduces risk

Experience partnering closely with product and engineering teams throughout the software lifecycle, from design and build through deployment and operation

Strong communication skills, with the ability to explain security risk, tradeoffs, and remediation options to both technical and non-technical stakeholders

Demonstrated ability to operate effectively in fast-paced environments, delivering impact quickly while navigating ambiguity and limited dependencies

Broad understanding of how security functions (product security, platform security, GRC, operations) work together, and how vulnerability management fits into the larger system

Preferred

Python or GoLang strongly preferred

Familiarity with commercial cloud security platforms (e.g., Wiz) is a plus, but the ability to reason beyond tool outputs and build custom solutions is essential

Demonstrated technical thought leadership in vulnerability management, with a track record of shaping how risk is modeled, prioritized, and reduced in modern engineering environments

Prior hands-on experience architecting and building automated vulnerability management or security data platforms, not just operating commercial tools

Experience applying security and compliance requirements in highly regulated environments (e.g., healthcare, FedRAMP High/Moderate), including representing technical programs to auditors or government stakeholders

Experience coding and prototyping with modern developer tooling, including AI-assisted development workflows such as Claude Code, to accelerate delivery and reduce operational toil

Company

Datavant

Glassdoor3.5

Datavant protects, connects, and delivers the world’s health data to power better decisions and advance human health.

Founded in 2017

Phoenix, Arizona, USA

5001-10000 employees

https://datavant.com

Funding

Current Stage

Late Stage

Total Funding

$80.5M

Key Investors

Transformation Capital

2020-10-08Series B· $40M

2018-04-30Series Unknown· $40.5M

Leadership Team

Jasmin Phua

Head of Government Solutions

Recent News

GlobeNewswire

Why Clinical Data Analytics Is Becoming One of Healthcare’s Fastest-Growing Markets?

2026-01-19

GlobeNewswire

Real World Evidence Solutions Market Trends Analysis Report 2025-2033: Expansion Driven by Rising R&D Spend, Growing Real-World Data Volumes, and Increasing Regulatory Acceptance

2026-01-05

Mobihealthnews

New Horizon expands wound care portfolio with Applied Tissue acquisition

2025-12-31

Company data provided by crunchbase