Sr Manager, Vulnerability & Exposure Management

Datavant is a data platform company and the world’s leader in health data exchange. Our vision is that every healthcare decision is powered by the right data, at the right time, in the right format.

Our platform is powered by the largest, most diverse health data network in the U.S., enabling data to be secure, accessible and usable to inform better health decisions. Datavant is trusted by the world’s leading life sciences companies, government agencies, and those who deliver and pay for care. 

By joining Datavant today, you’re stepping onto a high-performing, values-driven team. Together, we’re rising to the challenge of tackling some of healthcare’s most complex problems with technology-forward solutions. Datavanters bring a diversity of professional, educational and life experiences to realize our bold vision for healthcare.

What We’re Looking For

As the Sr Manager of Vulnerability & Exposure Management, you will lead and grow a highly technical team responsible for the vulnerability and attack surface exposure reduction of Datavant’s applications and infrastructure. You’ll play a pivotal role in defining the strategy and framework for the management of risk in a shared responsibility model, guiding a team of skilled engineers, and partnering with cross-functional leaders to drive down vulnerabilities and weaknesses.

What You Will Do

• Use your deep understanding of vulnerability management to help refine the shared responsibility vulnerability and exposure management framework for Datavant.
• Consolidate the infrastructure and application security detection functions under a single banner.
• Identify and implement a solution to give Datavant a prioritized, single pane of glass view of all vulnerabilities and misconfigurations.
• Own creating the reporting and presentation for our exposure posture across all detection sources, with metrics rolled up and broken down across multiple facets to drive risk reduction.
• Simplify and where possible, automate the onboarding and integration to our scanning technologies.
• Smoothly mesh vulnerability management practices into our secure SDLC.
• Work directly with security senior leadership to ensure maturity, depth, and coverage of our exposure management program. 
• Speak on vulnerability management to government agencies on behalf of Datavant for our FedRAMP compliance.
• Have an understanding of risks, but may have some knowledge gaps in depth of risk management. It’s OK, we’ll teach you. The core skill set you bring to the table is an engineering mindset.
• Own new projects for advancing security in our environment. Be the deep technical expert and collaborate with others on the teams to ensure project success. Your impact here cannot be understated, you are a core contributor and have deep influence to empower Datavant greatness.

What You Need to Succeed

• Proven experience leading a vulnerability management program, with a strong ability to build, mentor, and inspire technical talent.
• Well-formed opinions on what makes a successful vulnerability and exposure management program
• Understanding and background in standing up vulnerability aggregation and/or ASPM platforms.
• Strong experience with vulnerability identification sources including application penetration testing, application code scanning(SCA, SAST), cloud and container analysis(CNAPP).
• Depth of knowledge working with Wiz.
• Experience with attack surface management tools.
• An engineering background with knowledge of how to automate and integrate systems through custom software development, building pipelines, and LCNC orchestration.
• Excellent collaboration and communication skills, capable of influencing stakeholders across technical and non-technical teams.
• Minimum of 5 years of experience in vulnerability management, including at least 3 years of leadership experience.
• Experience in highly regulated industries such as healthcare, with knowledge of frameworks like HIPAA, HITRUST, and SOC 2 (preferred).

What Helps You Stand Out

• A background in software engineering and automation
• Recent work in a FedRAMP environment

We are committed to building a diverse team of Datavanters who are all responsible for stewarding a high-performance culture in which all Datavanters belong and thrive. We are proud to be an Equal Employment Opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, or other legally protected status.

At Datavant our total rewards strategy powers a high-growth, high-performance, health technology company that rewards our employees for transforming health care through creating industry-defining data logistics products and services.

The range posted is for a given job title, which can include multiple levels. Individual rates for the same job title may differ based on their level, responsibilities, skills, and experience for a specific job.

The estimated total cash compensation range for this role is:$224,000—$260,000 USD

To ensure the safety of patients and staff, many of our clients require post-offer health screenings and proof and/or completion of various vaccinations such as the flu shot, Tdap, COVID-19, etc. Any requests to be exempted from these requirements will be reviewed by Datavant Human Resources and determined on a case-by-case basis. Depending on the state in which you will be working, exemptions may be available on the basis of disability, medical contraindications to the vaccine or any of its components, pregnancy or pregnancy-related medical conditions, and/or religion.

This job is not eligible for employment sponsorship.

Datavant is committed to a work environment free from job discrimination. We are proud to be an Equal Employment Opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, or other legally protected status. To learn more about our commitment, please review our EEO Commitment Statement here. Know Your Rights, explore the resources available through the EEOC for more information regarding your legal rights and protections. In addition, Datavant does not and will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay. 

At the end of this application, you will find a set of voluntary demographic questions. If you choose to respond, your answers will be anonymous and will help us identify areas for improvement in our recruitment process. (We can only see aggregate responses, not individual ones. In fact, we aren’t even able to see whether you’ve responded.) Responding is entirely optional and will not affect your application or hiring process in any way.

Datavant is committed to working with and providing reasonable accommodations to individuals with physical and mental disabilities. If you need an accommodation while seeking employment, please request it here, by selecting the ‘Interview Accommodation Request’ category. You will need your requisition ID when submitting your request, you can find instructions for locating it here. Requests for reasonable accommodations will be reviewed on a case-by-case basis.

For more information about how we collect and use your data, please review our Privacy Policy.