Sr Vulnerability & Exposure Management Engineer

<div class="content-intro"><p>Datavant is the data collaboration platform trusted for healthcare. Guided by our mission to make the world’s health data secure, accessible and actionable, we provide critical data solutions for organizations across the healthcare ecosystem - including providers, health plans, researchers, and life sciences companies. From fulfilling a single patient’s request for their medical records to powering the AI revolution in healthcare, Datavanters are building the future of how data is connected and used to improve health. <br><br>By joining Datavant today, you’re stepping onto a driven and highly collaborative team that is passionate about creating transformative change in healthcare.</p></div><p><strong>What We’re Looking For</strong></p> <p>A senior security engineer to help build and evolve an engineering-driven vulnerability management program, focused on turning vulnerability data into clear, actionable risk signals embedded in modern engineering workflows. This role emphasizes automation, systems design, and practical risk reduction across application, cloud, and infrastructure environments. It is not primarily a tool-operations, ticket-tracking, or audit-administration role.</p> <p><strong>What You Will Do</strong></p> <p><strong>You Will:</strong></p> <ul> <li>Design, build, and operate an engineering-first vulnerability management capability for Datavant’s applications and infrastructure, with a primary focus on reducing real exploit risk.</li> <li>Build and maintain automation and data pipelines that ingest, normalize, correlate, and prioritize vulnerability signals across multiple sources, treating vendor tools as inputs rather than systems of record.</li> <li>Develop self-service, engineer-facing dashboards and workflows that provide clear prioritization and actionable insight, rather than compliance-only reporting.</li> <li>Partner closely with product and engineering teams to assess vulnerability risk in context, communicate exploitability and impact clearly, and recommend practical remediation or mitigation options.</li> <li>Embed high-confidence vulnerability signals into existing engineering workflows (CI/CD, PRs, backlogs) to drive adoption with minimal friction.</li> <li>Drive vulnerability risk reduction by validating that remediation or compensating controls meaningfully reduce exposure, rather than tracking ticket closure alone.</li> <li>Translate compliance control intent into scalable, low-friction engineering implementations that produce audit-ready evidence through automation.</li> <li>Serve as a technical subject matter expert during FedRAMP and other assessments by validating controls, remediation effectiveness, and technical evidence, without owning manual audit administration.</li> <li>Lead and execute technical projects that advance Datavant’s vulnerability management and application security capabilities.</li> <li>Act as a senior technical leader and influencer, shaping program direction through sound engineering judgment, hands-on execution, and cross-functional collaboration.</li> </ul> <p><strong>What You Need to Succeed</strong></p> <ul> <li>Deep technical expertise in vulnerability management and application security, with hands-on experience assessing, prioritizing, and reducing vulnerability risk in modern software environments.</li> <li>Strong engineering background with demonstrated ability to design, build, and automate solutions (e.g., data pipelines, integrations, workflows, dashboards) rather than relying on manual or tool-driven processes. Python or GoLang strongly preferred.</li> <li>Practical experience working across application, cloud, and container security in AWS and/or Azure, including real-world vulnerability assessment in complex or multi-cloud environments.</li> <li>Solid understanding of security controls and assurance goals, with the ability to translate standards such as NIST, CIS, and FedRAMP into low-friction, scalable engineering implementa ... (truncated, view full listing at source)