Datavant is hiring a
Vulnerability Management Lead

Summary

Join Datavant, a data logistics company for healthcare, as the Vulnerability Management Lead/Manager and play a pivotal role in safeguarding the organization's technology assets. The ideal candidate will possess technical expertise, leadership abilities, and a deep comprehension of vulnerability management best practices.

Requirements

• Bachelor's degree in computer science, information technology, or a related field
• Five or more years of hands-on experience in vulnerability management in both production and enterprise asset environments
• Demonstrated ability to lead and manage a team of security professionals, driving collaboration and achieving results
• Excellent communication and interpersonal skills to engage effectively with stakeholders at all levels of the organization
• Strong analytical and problem-solving abilities to identify and resolve complex vulnerability issues
• Familiarity with industry-standard vulnerability management tools and technologies, including vulnerability scanners, threat intelligence platforms, and patch management systems
• Understanding of relevant industry standards and regulations, such as PCI DSS, ISO 27001, NIST Cybersecurity Framework, HITRUST, FEDRAMP and HIPAA

Responsibilities

• Build and maintain a comprehensive vulnerability management program aligned with industry standards and best practices
• Develop and maintain policy, guidelines and procedures for team internal, asset owners and partner teams
• Collaborate cross-functionally with teams including IT/Enterprise, Security/Compliance, Engineering/Production and Leadership, ensuring vulnerabilities are addressed expeditiously and effectively
• Aggregate vulnerability assessment results from partner teams, utilizing a combination of automated tools and manual reviews to identify potential weaknesses in systems, networks, and applications
• Prioritize vulnerabilities based on severity, risk level, and potential impact on the organization's operations and reputation
• Facilitate remediation plans for identified vulnerabilities, collaborating with asset owning teams to ensure timely resolution
• Monitor and track the progress of vulnerability remediation efforts, providing regular reports to management on the overall effectiveness of the program
• [Manage] and lead a team of vulnerability management professionals, fostering a culture of continuous improvement and knowledge sharing
• Stay abreast of emerging threats, vulnerabilities, and mitigation techniques through ongoing research and professional development

Preferred Qualifications

• Experience with security risk assessment and management, including threat modeling and risk analysis
• Familiarity with incident response and disaster recovery procedures
• Knowledge of cloud security and DevSecOps practices, including secure software development methodologies and cloud security controls
• Certifications in vulnerability management or information security, such as CISSP, CISM, or OSCP
• Preferred experience with AWS, Azure, Crowdstrike, Tenable, SonarCube, Wiz