Use your deep understanding of vulnerability management to help refine the shared responsibility vulnerability and exposure management framework for Datavant.
Consolidate the infrastructure and application security detection functions under a single banner.
Simplify and where possible, automate the onboarding and integration to our scanning technologies beyond out of the box vendor connections.
Provide direct technical engineering guidance and coaching, including code review to your team.
Own creating the reporting and presentation for our exposure posture across all detection sources, with metrics rolled up and broken down across multiple facets to drive risk reduction.
Smoothly mesh vulnerability management practices into our secure SDLC.
Identify and implement a solution to give Datavant a prioritized, single pane of glass view of all vulnerabilities and misconfigurations.
Work directly with security senior leadership to ensure maturity, depth, and coverage of our exposure management program.
Speak on vulnerability management to government agencies on behalf of Datavant for our FedRAMP compliance.
Have an understanding of risks, but may have some knowledge gaps in depth of risk management. It’s OK, we’ll teach you. The core skill set you bring to the table is an engineering mindset.
Own new projects for advancing security in our environment. Be the deep technical expert and collaborate with others on the teams to ensure project success. Your impact here cannot be understated, you are a core contributor and have deep influence to empower Datavant greatness.

Requirements

Proven experience leading a vulnerability management program, with a strong ability to build, mentor, and inspire technical talent.
Well-formed opinions on what makes a successful vulnerability and exposure management program
Understanding and background in standing up vulnerability aggregation and/or ASPM platforms.
Strong experience with vulnerability identification sources including application penetration testing, application code scanning(SCA, SAST), cloud and container analysis(CNAPP).
Depth of knowledge working with Wiz.
Experience with attack surface management tools.
An engineering background with practical knowledge of how to automate and integrate systems through custom software development, building pipelines, and LCNC orchestration.
Excellent collaboration and communication skills, capable of influencing stakeholders across technical and non-technical teams.
Minimum of 5 years of experience in vulnerability management, including at least 3 years of leadership experience.
Experience in highly regulated industries such as healthcare, with knowledge of frameworks like HIPAA, HITRUST, and SOC 2 (preferred).

Benefits

Health insurance
401(k) matching
Flexible work hours
Paid time off
Remote work options

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

vulnerability managementapplication penetration testingapplication code scanningcloud analysiscontainer analysiscustom software developmentpipeline buildingLCNC orchestrationvulnerability aggregationattack surface management

Soft Skills

leadershipmentoringcollaborationcommunicationinfluencing stakeholdersengineering mindsetcoachingtechnical guidanceproject ownershiprisk reduction