Sr Vulnerability Engineer

What We're Looking For

A senior security engineer to help build and evolve an engineering-driven vulnerability management program, focused on turning vulnerability data into clear, actionable risk signals embedded in modern engineering workflows. This role emphasizes automation, systems design, and practical risk reduction across application, cloud, and infrastructure environments. It is not primarily a tool-operations, ticket-tracking, or audit-administration role.

What You Will Do

You Will:

• Design, build, and operate an engineering-first vulnerability management capability for Datavant's applications and infrastructure, with a primary focus on reducing real exploit risk.
• Build and maintain automation and data pipelines that ingest, normalize, correlate, and prioritize vulnerability signals across multiple sources, treating vendor tools as inputs rather than systems of record.
• Develop self-service, engineer-facing dashboards and workflows that provide clear prioritization and actionable insight, rather than compliance-only reporting.
• Partner closely with product and engineering teams to assess vulnerability risk in context, communicate exploitability and impact clearly, and recommend practical remediation or mitigation options.
• Embed high-confidence vulnerability signals into existing engineering workflows (CI/CD, PRs, backlogs) to drive adoption with minimal friction.
• Drive vulnerability risk reduction by validating that remediation or compensating controls meaningfully reduce exposure, rather than tracking ticket closure alone.
• Translate compliance control intent into scalable, low-friction engineering implementations that produce audit-ready evidence through automation.
• Serve as a technical subject matter expert during FedRAMP and other assessments by validating controls, remediation effectiveness, and technical evidence, without owning manual audit administration.
• Lead and execute technical projects that advance Datavant's vulnerability management and application security capabilities.
• Act as a senior technical leader and influencer, shaping program direction through sound engineering judgment, hands-on execution, and cross-functional collaboration.

What You Need to Succeed

• Deep technical expertise in vulnerability management and application security, with hands-on experience assessing, prioritizing, and reducing vulnerability risk in modern software environments.
• Strong engineering background with demonstrated ability to design, build, and automate solutions (e.g., data pipelines, integrations, workflows, dashboards) rather than relying on manual or tool-driven processes. Python or GoLang strongly preferred.
• Practical experience working across application, cloud, and container security in AWS and/or Azure, including real-world vulnerability assessment in complex or multi-cloud environments.
• Solid understanding of security controls and assurance goals, with the ability to translate standards such as NIST, CIS, and FedRAMP into low-friction, scalable engineering implementations.
• Ability to reason clearly about exploitability, exposure, impact, and compensating controls, and to apply that reasoning to prioritize work that meaningfully reduces risk.
• Experience partnering closely with product and engineering teams throughout the software lifecycle, from design and build through deployment and operation.
• Strong communication skills, with the ability to explain security risk, tradeoffs, and remediation options to both technical and non-technical stakeholders.
• Demonstrated ability to operate effectively in fast-paced environments, delivering impact quickly while navigating ambiguity and limited dependencies.
• Broad understanding of how security functions (product security, platform security, GRC, operations) work together, and how vulnerability management fits into the larger system.
• Familiarity with commercial cloud security platforms (e.g., Wiz) is a plus, but the ability to reason beyond tool outputs and build custom solutions is essential.

What Helps You Stand Out

• Demonstrated technical thought leadership in vulnerability management, with a track record of shaping how risk is modeled, prioritized, and reduced in modern engineering environments.
• Prior hands-on experience architecting and building automated vulnerability management or security data platforms, not just operating commercial tools.
• Strong systems-level thinking, including experience designing secure, scalable solutions across complex application and cloud ecosystems.
• Experience applying security and compliance requirements in highly regulated environments (e.g., healthcare, FedRAMP High/Moderate), including representing technical programs to auditors or government stakeholders.
• Experience coding and prototyping with modern developer tooling, including AI-assisted development workflows such as Claude Code, to accelerate delivery and reduce operational toil.