Security Customer Assurance Specialist

Summary

Join Datavant's Customer Security Assurance program as a lead within the Information Security Governance, Risk, and Compliance (GRC) organization. You will be the voice of security for our customers, building a long-term plan to foster trust and achieve Datavant's vision. This role requires coordinating responses to customer inquiries, performing technical assessments, liaising with customers, and supporting internal teams. You will also track metrics, develop reporting, and contribute to knowledge base refinement. Success in this role demands strong communication, analytical, and problem-solving skills, along with experience in security, audits, and customer assurance. Datavant offers a remote-friendly, collaborative environment and a competitive salary.

Requirements

• 4+ years experience in security, audits, customer assurance, control assessments, or risk assessments based on security and privacy frameworks, such as SOC 2, ISO 27001, HIPAA, PCI, HITRUST, NIST 800-53, FedRAMP, etc
• Experience in performing technical assessments and documentation around key controls and security processes, as well as auditing IT processes, including working knowledge of key controls across a number of industry best practices
• Excellent analytical, problem-solving, and project management skills
• Strong communication and interpersonal skills, with the ability to work effectively with cross-functional teams, stakeholders, and customers
• Detail-oriented and able to handle multiple priorities in a fast-paced environment
• Ability to operate effectively in ambiguity

Responsibilities

• Coordinate and manage responses to customer enquiries, including contributing to Request for Proposals (RFP), responding to customer security enquiries, diligence assessments, customer audits, etc
• Perform technical assessments and documentation around key controls and security processes, including working knowledge of key controls across a number of industry best practices
• Liaise with customers, articulating control implementation, and describing considerations for applying security and compliance concepts to a technical environment. Simplify security compliance requirements into clear technical control specifications and policies
• Field and address requests for team support in collaboration with internal and external stakeholders
• Communicate effectively and regularly with internal teams and customers
• Support our legal teams in contract review activities to ensure security contract clauses are appropriate
• Track metrics and develop reporting to demonstrate the status and progress of your work
• Continuously build and refine knowledge base information, whitepapers, frequently asked questions, control narratives, etc. and contribute to ongoing development and improvement
• Understand the impact of security in our go-to-market pipeline, report on trends and help us improve how we invest in security
• Stay apprised on industry standards and regulations for security and compliance

Preferred Qualifications

• One or more industry-recognized security, cloud, or audit professional certifications (e.g., CISA, CISM, CISSP, CCSP, etc.)
• IT security and audit experience in the healthcare industry
• Knowledge of, or experience working with, cloud-services environment (e.g. AWS) and cloud security controls

Benefits

• Remote work, flexible hours
• Salary range: $90,000 - $155,000