Application Security Engineer

Posted:
10/23/2024, 6:40:57 AM

Experience Level(s):
Junior ⋅ Mid Level ⋅ Senior

Field(s):
IT & Security ⋅ Software Engineering

Workplace Type:
Remote

Pay:
$116/hr or $241,280 total comp

Datavant is a data platform company for healthcare whose products and solutions enable organizations to move and connect data securely. Datavant has a network of networks consisting of thousands of organizations, more than 70,000 hospitals and clinics, 70% of the 100 largest health systems, and an ecosystem of 500+ real-world data partners.

By joining Datavant today, you’re stepping onto a highly collaborative, remote-first team that is passionate about creating transformative change in healthcare. We invest in our people and believe in hiring for high-potential and humble individuals who can rapidly grow their responsibilities as the company scales. Datavant is a distributed, remote-first team, and we empower Datavanters to shape their working environment in a way that suits their needs.

In this role, you'll be joining a dynamic team at the forefront of transforming healthcare data connectivity. Our team’s charter is to innovate and streamline the way healthcare data is shared and utilized, making a tangible impact on patient outcomes and industry efficiency. As a key player within this team, you will drive critical projects that enhance our platform's capabilities, directly influencing how data is integrated and leveraged across the healthcare ecosystem. Your contributions will not only shape the future of our technology but also empower healthcare providers and researchers to deliver better care. This role offers a unique opportunity to make a significant impact in a rapidly evolving field, working alongside passionate professionals dedicated to making a difference.

You will:

  • Assist in rolling out and maintaining common application security tools, such as SAST, DAST and SCA.
  • Collaborate closely with security and development teams, providing hands-on support to ensure security controls are well-integrated into the development lifecycle.
  • Document processes and controls in a way that supports and enables the development teams, creating clear, actionable documentation that helps streamline workflows.
  • Participate in the review of application projects built by our development teams, offering feedback on code and architecture to ensure security best practices are followed.
  • Support and conduct security and threat model reviews under the guidance of senior security architects, learning to provide expertise on application security and security architecture topics.
  • Collaborate with the compliance team to gather evidence for audits and respond to customer assurance requests. You will play a key role in ensuring that our security controls are well-documented, implemented effectively, and meet the necessary compliance standards.

What you will bring to the table: 

  • A collaborative and humble mindset with a passion for security.
  • A background in software development or a software engineering-adjacent field
  • 1-3 years of experience in security engineering roles, with exposure to threat modeling and security control implementation.
  • An understanding of the roles within a security team and how they work together to support development teams.
  • Ability to articulate the importance of security throughout the software development lifecycle and to suggest improvements.
  • Strong collaborative skills; you thrive on working with others and are dedicated to team success.You will be expected to communicate on challenges and blocker early and often.
  • A focus on delivery and impact, with the ability to work effectively in a fast-paced environment. You see the security team as a partner to the engineering teams, providing guidance and support.

Bonus points if:

  • You are recognized as a go-to resource for security control implementation, and development teams frequently seek your guidance.
  • You have experience working in regulated industries such as healthcare, finance, or government, with knowledge of standards such as HIPAA, HITRUST, SOC 2, PCI, or FedRAMP.

We are committed to building a diverse team of Datavanters who are all responsible for stewarding a high-performance culture in which all Datavanters belong and thrive. We are proud to be an Equal Employment Opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, or other legally protected status.

Our compensation philosophy is to be externally competitive, internally fair, and not win or lose on compensation. Salary ranges for this position are developed with the support of benchmarks and industry best practices. 

We’re building a high-growth, high-autonomy culture. We rely less on job titles and more on cultivating an environment where anyone can contribute, the best ideas win, and personal growth is driven by expanding impact. The range posted is for a given job title, which can include multiple levels. Individual rates for the same job title may differ based on their level, responsibilities, skills, and experience for a specific job. The estimated salary range for this role is  [$X,XXX - $X,XXX].

At the end of this application, you will find a set of voluntary demographic questions. If you choose to respond, your responses will be anonymous and used to help us identify areas of improvement in our recruitment process. (We can only see aggregate responses, not individual responses. In fact, we aren’t even able to see if you’ve responded or not.) Responding is your choice and it will not be used in any way in our hiring process.

This job is not eligible for employment sponsorship.