[Hiring] Sr. Security Architect @Datavant

Datavant is a data logistics company for healthcare whose products and solutions enable organizations to move and connect data securely. We are a data logistics company for healthcare whose products and solutions enable organizations to move and connect data securely. Datavant has a network of networks consisting of thousands of organizations, more than 70,000 hospitals and clinics, 70% of the 100 largest health systems, and an ecosystem of 500+ real-world data partners.

By joining Datavant today, you’re stepping onto a highly collaborative, remote-first team that is passionate about creating transformative change in healthcare. We hire for three traits: we want people who are smart, nice, and get things done. We invest in our people and believe in hiring for high-potential and humble individuals who can rapidly grow their responsibilities as the company scales. Datavant is a distributed, remote-first team, and we empower Datavanters to shape their working environment in a way that suits their needs.

You will:

• Have a deep understanding of Application and Cloud security. You’ll use this knowledge to provide architectural reviews and contributions to our development teams.
• Have a strong understanding of security controls, both those that exist in audit standards as well as practical controls that can help reduce risk and increase safety in application development environments and AWS and/or Azure.
• Work directly with security senior leadership to ensure maturity, depth, and coverage of security controls. You’ll be expected to interface with our Development Engineering leadership as well as Security Engineering leadership daily. 
• Be fearless in security control descriptions and writing process related elements down. The processes you build are not a castle of tone deaf documentation but a method of enabling development teams to move faster with more clarity.
• Review application projects our development teams build. This may mean putting eyes on code as well as working with the teams to understand the broad architecture of things being built. You’ll be very comfortable providing control feedback in a review environment to development teams. This role is not merely a +1, you’ll be adept at using your knowledge to the application of practical risk management.
• Own and conduct security/threat model reviews and provide expertise on AppSec and security architecture-related topics.
• Own new projects for advancing security in our environment. Be the deep technical expert and collaborate with others on the teams to ensure project success. Your impact here cannot be understated, you are a core contributor and have deep influence to empower Datavant greatness.

What you will bring to the table: 

• You are humble.
• You can read and may have developed in Python in the past. You have command of the language.
• You understand how the broad parts of a security team function and operate in unison.
• You can articulate start to finish what role security should play in ideation and build with development teams.
• You have opinions and options on most of the steps.
• You are a consummate collaborator, it’s inherent in your work behavior.
• You are heavily focused on delivery and being impactful; Understand how to operate and succeed in a very fast-paced environment where the security team should be a partner and enabler for the engineering team rather than a blocker.
• 3+ years of working in architectural and threat modeling review areas.
• 3+ years of working with compliance standards. 
• We lean deeply into individuals who have experience and have practical knowledge of applying standards in low friction ways.
• Broad scoped projects don’t scare you, they energize you. However, you like to get things done fast (and help others) with limited dependencies.

Bonus points if:

• You are often viewed as the “expert in the room” on building security controls. Development teams know they can depend on you to provide appropriate guidance and build predictable review programs.
• You have experience with security in healthcare or other highly regulated space. Examples: HIPAA, HITRUST, SOC 2, PCI, FedRamp experience from an operational response standpoint.

We are committed to building a diverse team of Datavanters who are all responsible for stewarding a high-performance culture in which all Datavanters belong and thrive. We are proud to be an Equal Employment Opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, or other legally protected status.

Our compensation philosophy is to be externally competitive, internally fair, and not win or lose on compensation. Salary ranges for this position are developed with the support of benchmarks and industry best practices. 

We’re building a high-growth, high-autonomy culture. We rely less on job titles and more on cultivating an environment where anyone can contribute, the best ideas win, and personal growth is driven by expanding impact. The range posted is for a given job title, which can include multiple levels. Individual rates for the same job title may differ based on their level, responsibilities, skills, and experience for a specific job. The estimated salary range for this role is $170,000- $210,000.

At the end of this application, you will find a set of voluntary demographic questions. If you choose to respond, your responses will be anonymous and used to help us identify areas of improvement in our recruitment process. (We can only see aggregate responses, not individual responses. In fact, we aren’t even able to see if you’ve responded or not.) Responding is your choice and it will not be used in any way in our hiring process.