Datavant is hiring a
Detection Engineer

Datavant

💵 $131k-$155k
📍 Remote - United States

Summary

Join Datavant, a data logistics company for healthcare, as a Security Detection Engineer to play a crucial role in safeguarding assets by bringing operational rigor, innovation, and influence. This is an opportunity to make an impact as a founding member of a team where your influence will help pave the way for success.

Requirements

  • Proficient in scripting languages, with the ability to implement secure coding and design practices, use Git version control, and work with release pipelines (Production)
  • Proven experience in threat hunting, security detection, and incident response
  • Have knowledge or experience in the application security landscape and best practices
  • Experience in designing and implementing a Security Orchestration, Automation, and Response (SOAR) solution
  • Experience in analyzing log data such as network traffic, endpoint events, SaaS activity (O365, Gdrive, Sharepoint, etc.), production host events, IOCs, and more to confidently identify, evaluate, and mitigate malicious activity, including automating the recommended countermeasures
  • Deep knowledge of AWS/Azure services and management including containerization (Docker) and container orchestration (EKS, GKE, AKS) is highly desirable
  • Familiarity with SIEM solutions (Splunk) and automation tools
  • Thrive in a fast-paced autonomous environment
  • Great communication, prioritization, and project management skills, with the ability to advocate for a position while maintaining a collaborative and open-minded approach
  • Passionate about building a big business that transforms the healthcare industry

Responsibilities

  • Design, implement, automate, and maintain security detection mechanisms to improve efficiency and reduce manual intervention, overhead, and repetitive processes
  • Develop and maintain custom detection rules and signatures to identify specific threats or patterns of behavior
  • Monitor and fine-tune detection systems to reduce false positives and alert fatigue and to improve accuracy
  • Collaborate with various stakeholders to ensure effective incident detection and response
  • Provide recommendations for improving the organization's security posture based on the detection findings
  • Create and maintain custom scripts and automation tools to support threat hunting and detection efforts
  • Build new pipelines and workflows to accommodate new automation processes
  • Stay up-to-date with the latest threat vectors and attack surfaces to be innovative in preventing successful malicious campaigns and protecting the organization
  • Work collaboratively with engineering, legal, people and other Datavant teams
  • Be part of on-call rotation for Incident Response

Preferred Qualifications

  • Relevant certifications from GIAC, Offsec, ISC2, etc. are a plus
  • You can build in at least a single language (Python, etc.) and have Infrastructure as Code depth (Terraform). It is expected that you have a "git native" skillset
  • Combination of offensive/defensive skill set with the mindset to easily move between the two as needed (Purple Team portfolio)
  • API Management (Experience in dealing with APIs for integrations, security investigations)
