SOC / SIRT Engineer - Remote

Overview

Datavant is a data platform company and the world’s leader in health data exchange. Our vision is that every healthcare decision is powered by the right data, at the right time, in the right format.

In Short

• Monitor and analyze security alerts from SIEM / EDR platforms to detect and mitigate threats.
• Analyze and investigate DLP alerts, enforce data protection policies, and reduce insider threats.
• Collaborate with compliance, IT, and risk management teams to enforce security controls and reduce data exposure risks.
• Lead and manage complex incident response engagements, ensuring effective coordination and communication across technical teams and stakeholders.
• Design, mature, and implement advanced playbooks for triage, investigation, and response to cyber threats.
• Spearhead initiatives to enhance incident response processes, leveraging the latest methodologies and technologies.
• Communicate complex security incidents and recommendations to customers and stakeholders.
• Perform root cause analysis on impacted machines / platforms to help mitigate future risks.

Requirements

• 5+ years of experience in Security Operations, with 2 years in a healthcare environment.
• Advanced knowledge and hands-on experience in incident response and cybersecurity operations.
• Strong understanding of Windows event logs and other investigation relevant artifacts.
• Expertise in log management, SIEM, endpoint protection, and advanced security tools.
• Proficiency in scripting languages like Python, PowerShell, or Bash.
• Experience with threat actors / APT groups targeting healthcare.
• Availability for on-call duties, including nights, weekends, and holidays.

Benefits

• High-performance culture with a commitment to diversity.
• Equal Employment Opportunity employer.
• Competitive salary and total rewards strategy.
• Opportunities for professional growth and development.
• Support for reasonable accommodations for individuals with disabilities.