Datavant is a data platform company and the world’s leader in health data exchange. Our vision is that every healthcare decision is powered by the right data, at the right time, in the right format.
In Short
Monitor and analyze security alerts from SIEM / EDR platforms to detect and mitigate threats.
Analyze and investigate DLP alerts, enforce data protection policies, and reduce insider threats.
Collaborate with compliance, IT, and risk management teams to enforce security controls and reduce data exposure risks.
Lead and manage complex incident response engagements, ensuring effective coordination and communication across technical teams and stakeholders.
Design, mature, and implement advanced playbooks for triage, investigation, and response to cyber threats.
Spearhead initiatives to enhance our incident response processes.
Communicate complex security incidents and recommendations to customers and stakeholders.
Perform root cause analysis on impacted machines / platforms.
Lead, mentor, and develop junior analysts.
Requirements
7+ years of experience in Security Operations, with 2 years in a healthcare environment.
Advanced knowledge and hands-on experience in incident response and cybersecurity operations.
Strong understanding of Windows event logs and other investigation-relevant artifacts.
Expertise in log management, SIEM, endpoint protection, and advanced security tools.
Proficiency in scripting languages like Python, PowerShell, or Bash.
Experience deploying, configuring, and managing SOAR platforms.
Experience with threat actors / APT groups targeting healthcare.
Availability for on-call duties, including nights, weekends, and holidays.
Benefits
High-performance culture with a commitment to diversity.
Competitive salary range of $140,000 - $175,000 USD/year.
Opportunities for professional growth and development.
Work in a values-driven team tackling complex healthcare problems.