Sr Vulnerability Engineer
Company: Datavant
Location: New York City
Posted on: February 14, 2026
|
|
|
Job Description:
Job Description Job Description Datavant is the data
collaboration platform trusted for healthcare. Guided by our
mission to make the world's health data secure, accessible and
actionable, we provide critical data solutions for organizations
across the healthcare ecosystem - including providers, health
plans, researchers, and life sciences companies. From fulfilling a
single patient's request for their medical records to powering the
AI revolution in healthcare, Datavanters are building the future of
how data is connected and used to improve health. By joining
Datavant today, you're stepping onto a driven and highly
collaborative team that is passionate about creating transformative
change in healthcare. What We're Looking For A senior security
engineer to help build and evolve an engineering-driven
vulnerability management program, focused on turning vulnerability
data into clear, actionable risk signals embedded in modern
engineering workflows. This role emphasizes automation, systems
design, and practical risk reduction across application, cloud, and
infrastructure environments. It is not primarily a tool-operations,
ticket-tracking, or audit-administration role. What You Will Do You
Will: Design, build, and operate an engineering-first vulnerability
management capability for Datavant's applications and
infrastructure, with a primary focus on reducing real exploit risk.
Build and maintain automation and data pipelines that ingest,
normalize, correlate, and prioritize vulnerability signals across
multiple sources, treating vendor tools as inputs rather than
systems of record. Develop self-service, engineer-facing dashboards
and workflows that provide clear prioritization and actionable
insight, rather than compliance-only reporting. Partner closely
with product and engineering teams to assess vulnerability risk in
context, communicate exploitability and impact clearly, and
recommend practical remediation or mitigation options. Embed
high-confidence vulnerability signals into existing engineering
workflows (CI/CD, PRs, backlogs) to drive adoption with minimal
friction. Drive vulnerability risk reduction by validating that
remediation or compensating controls meaningfully reduce exposure,
rather than tracking ticket closure alone. Translate compliance
control intent into scalable, low-friction engineering
implementations that produce audit-ready evidence through
automation. Serve as a technical subject matter expert during
FedRAMP and other assessments by validating controls, remediation
effectiveness, and technical evidence, without owning manual audit
administration. Lead and execute technical projects that advance
Datavant's vulnerability management and application security
capabilities. Act as a senior technical leader and influencer,
shaping program direction through sound engineering judgment,
hands-on execution, and cross-functional collaboration. What You
Need to Succeed Deep technical expertise in vulnerability
management and application security, with hands-on experience
assessing, prioritizing, and reducing vulnerability risk in modern
software environments. Strong engineering background with
demonstrated ability to design, build, and automate solutions
(e.g., data pipelines, integrations, workflows, dashboards) rather
than relying on manual or tool-driven processes. Python or GoLang
strongly preferred. Practical experience working across
application, cloud, and container security in AWS and/or Azure,
including real-world vulnerability assessment in complex or
multi-cloud environments. Solid understanding of security controls
and assurance goals, with the ability to translate standards such
as NIST, CIS, and FedRAMP into low-friction, scalable engineering
implementations. Ability to reason clearly about exploitability,
exposure, impact, and compensating controls, and to apply that
reasoning to prioritize work that meaningfully reduces risk.
Experience partnering closely with product and engineering teams
throughout the software lifecycle, from design and build through
deployment and operation. Strong communication skills, with the
ability to explain security risk, tradeoffs, and remediation
options to both technical and non-technical stakeholders.
Demonstrated ability to operate effectively in fast-paced
environments, delivering impact quickly while navigating ambiguity
and limited dependencies. Broad understanding of how security
functions (product security, platform security, GRC, operations)
work together, and how vulnerability management fits into the
larger system. Familiarity with commercial cloud security platforms
(e.g., Wiz) is a plus, but the ability to reason beyond tool
outputs and build custom solutions is essential. What Helps You
Stand Out Demonstrated technical thought leadership in
vulnerability management, with a track record of shaping how risk
is modeled, prioritized, and reduced in modern engineering
environments. Prior hands-on experience architecting and building
automated vulnerability management or security data platforms, not
just operating commercial tools. Strong systems-level thinking,
including experience designing secure, scalable solutions across
complex application and cloud ecosystems. Experience applying
security and compliance requirements in highly regulated
environments (e.g., healthcare, FedRAMP High/Moderate), including
representing technical programs to auditors or government
stakeholders. Experience coding and prototyping with modern
developer tooling, including AI-assisted development workflows such
as Claude Code, to accelerate delivery and reduce operational toil.
We are committed to building a diverse team of Datavanters who are
all responsible for stewarding a high-performance culture in which
all Datavanters belong and thrive. We are proud to be an Equal
Employment Opportunity employer and all qualified applicants will
receive consideration for employment without regard to race, color,
sex, sexual orientation, gender identity, religion, national
origin, disability, veteran status, or other legally protected
status. At Datavant our total rewards strategy powers a
high-growth, high-performance, health technology company that
rewards our employees for transforming health care through creating
industry-defining data logistics products and services. The range
posted is for a given job title, which can include multiple levels.
Individual rates for the same job title may differ based on their
level, responsibilities, skills, and experience for a specific job.
The estimated total cash compensation range for this role is:
$184,000—$230,000 USD To ensure the safety of patients and staff,
many of our clients require post-offer health screenings and proof
and/or completion of various vaccinations such as the flu shot,
Tdap, COVID-19, etc. Any requests to be exempted from these
requirements will be reviewed by Datavant Human Resources and
determined on a case-by-case basis. Depending on the state in which
you will be working, exemptions may be available on the basis of
disability, medical contraindications to the vaccine or any of its
components, pregnancy or pregnancy-related medical conditions,
and/or religion. This job is not eligible for employment
sponsorship. Datavant is committed to a work environment free from
job discrimination. We are proud to be an Equal Employment
Opportunity employer and all qualified applicants will receive
consideration for employment without regard to race, color, sex,
sexual orientation, gender identity, religion, national origin,
disability, veteran status, or other legally protected status. To
learn more about our commitment, please review our EEO Commitment
Statement here. Know Your Rights, explore the resources available
through the EEOC for more information regarding your legal rights
and protections. In addition, Datavant does not and will not
discharge or in any other manner discriminate against employees or
applicants because they have inquired about, discussed, or
disclosed their own pay. At the end of this application, you will
find a set of voluntary demographic questions. If you choose to
respond, your answers will be anonymous and will help us identify
areas for improvement in our recruitment process. (We can only see
aggregate responses, not individual ones. In fact, we aren't even
able to see whether you've responded.) Responding is entirely
optional and will not affect your application or hiring process in
any way. Datavant is committed to working with and providing
reasonable accommodations to individuals with physical and mental
disabilities. If you need an accommodation while seeking
employment, please request it here, by selecting the 'Interview
Accommodation Request' category. You will need your requisition ID
when submitting your request, you can find instructions for
locating it here. Requests for reasonable accommodations will be
reviewed on a case-by-case basis. For more information about how we
collect and use your data, please review our Privacy Policy.
Keywords: Datavant, Levittown , Sr Vulnerability Engineer, IT / Software / Systems , New York City, New York
