Vulnerability & Exposure Management Engineer

Overview

Datavant is the data collaboration platform trusted for healthcare. Guided by our mission to make the world’s health data secure, accessible and actionable, we provide critical data solutions for organizations across the healthcare ecosystem - including providers, health plans, researchers, and life sciences companies. From fulfilling a single patient’s request for their medical records to powering the AI revolution in healthcare, Datavanters are building the future of how data is connected and used to improve health.

By joining Datavant today, you’re stepping onto a driven and highly collaborative team that is passionate about creating transformative change in healthcare.

A security engineer to help build and operate an engineering-driven vulnerability and exposure management program, focused on turning vulnerability data into actionable signals embedded in modern engineering workflows. This role emphasizes automation, practical risk reduction, and hands-on execution across application, cloud, and infrastructure environments. It is not primarily a ticket-tracking or audit-administration role, but a technical role contributing to scalable solutions.

• Contribute to the design, implementation, and operation of Datavant’s vulnerability and exposure management capabilities, with a focus on reducing real exploit risk.
• Build and enhance automation and workflows that ingest, normalize, and prioritize vulnerability signals across multiple sources.
• Develop and improve engineer-facing dashboards and integrations that help teams understand and act on vulnerability risk.
• Work with product and engineering teams to assess vulnerability findings, explain exploitability and impact, and support practical remediation or mitigation approaches.
• Help embed vulnerability signals into existing engineering workflows (CI/CD, PRs, backlogs) to improve visibility and adoption.
• Support validation of remediation efforts to ensure exposure is meaningfully reduced.
• Assist in translating compliance and control requirements into scalable technical implementations.
• Support FedRAMP and other assessments by validating technical evidence and remediation outcomes.
• Execute technical projects that improve vulnerability visibility, prioritization, and risk reduction.
• Contribute to improving processes, tooling, and automation within the vulnerability management program.

• Solid technical experience in vulnerability management and application security, with hands-on exposure to assessing and prioritizing vulnerability findings.
• Demonstrated ability to build or automate technical workflows using scripting or programming languages such as Python or Go.
• Experience working with application, cloud, or container security in AWS and/or Azure environments.
• Working knowledge of security controls and compliance frameworks (e.g., NIST, CIS, FedRAMP), with the ability to apply requirements in practical engineering contexts.
• Ability to reason about exploitability, exposure, and impact beyond severity scores.
• Experience collaborating with engineering teams to support remediation efforts.
• Clear communication skills and ability to explain technical risk to varied audiences.
• Ability to operate effectively in fast-paced environments with evolving priorities.
• Foundational understanding of how vulnerability management fits within broader security and engineering functions.
• Experience with commercial security tooling (e.g., SAST, SCA, cloud security platforms) and ability to interpret tool outputs critically.

• Experience building custom scripts, automations, or lightweight data pipelines to improve vulnerability visibility or prioritization.
• Exposure to highly regulated environments (e.g., healthcare, FedRAMP Moderate/High) and participation in technical audit preparation.
• Experience integrating vulnerability tooling into CI/CD pipelines or engineering workflows.
• Familiarity with cloud security platforms (e.g., Wiz) or security data tooling (e.g., Snowflake, Sigma).
• Experience using AI-assisted development tools (e.g., Claude Code) to accelerate security automation or analysis.

We are…