Sr Application Security Architect

Datavant•New York City, NY

15h•$184,000 - $230,000

About The Position

Datavant is the data collaboration platform trusted for healthcare. Guided by our mission to make the world’s health data secure, accessible and actionable, we provide critical data solutions for organizations across the healthcare ecosystem - including providers, health plans, researchers, and life sciences companies. From fulfilling a single patient’s request for their medical records to powering the AI revolution in healthcare, Datavanters are building the future of how data is connected and used to improve health. By joining Datavant today, you’re stepping onto a driven and highly collaborative team that is passionate about creating transformative change in healthcare. What We’re Looking For As a Sr Application Security Architect at Datavant, you will play a key role in shaping the security posture of our products and services. You will lead secure architecture and design reviews across Datavant’s portfolio of applications, ensuring that security is embedded throughout the software development lifecycle. Partnering closely with engineering teams, product leadership, and compliance stakeholders, you will provide expert guidance on risk mitigation, make prioritized and actionable security recommendations, and help translate complex regulatory and compliance requirements into practical technical controls. What You Will Do Work directly with security senior leadership to ensure maturity, depth, and coverage of security controls. You’ll be expected to interface with our Development Engineering leadership as well as Security Engineering leadership daily. Help facilitate quarterly planning discussions by providing strategic prioritization of all security-related requests, including (but not limited to) architectural feedback, vulnerability remediation, compliance control implementation, etc. Be fearless in security control descriptions and writing process related elements down. The processes you build are not a castle of tone deaf documentation but a method of enabling development teams to move faster with more clarity. Review application projects our development teams build. This will mean putting eyes on code through secure code reviews as well as working with the teams to understand the broad architecture of systems being built. You’ll be very comfortable providing control feedback in a review environment to development teams. This role is not merely a +1, you’ll be adept at using your knowledge to the application of practical risk management. Own and conduct security/threat model reviews and provide expertise on security architecture-related topics. Own new projects for advancing security in our environment. Be the deep technical expert and collaborate with others on the teams to ensure project success. Your impact here cannot be understated, you are a core contributor and have deep influence to empower Datavant greatness.

Requirements

You are humble.
You have hands-on experience developing in multiple programming languages.
You demonstrate strong command of programming and can quickly adapt to new technologies as needed.
Have a deep understanding of Application and Cloud security.
Have a strong understanding of security controls, both those that exist in audit standards as well as practical controls that can help reduce risk and increase safety in application development environments and AWS and/or Azure.
You understand how the broad parts of a security team function and operate in unison.
You can articulate start to finish what role security should play in ideation and build with development teams- You have opinions and options on most of the steps.
You are a consummate collaborator, it’s inherent in your work behavior.
Ability to understand the tradeoffs between ideal security and what is necessary to appropriately secure a legacy system
You are heavily focused on delivery and being impactful; Understand how to operate and succeed in a very fast-paced environment where the security team should be a partner and enabler for the engineering team rather than a blocker.
6+ years of working in architectural and threat modeling review areas.
6+ years of working with compliance standards- We lean deeply into individuals who have experience and have practical knowledge of applying standards in low friction ways.
Broad scoped projects don’t scare you, they energize you.
However, you like to get things done fast (and help others) with limited dependencies.

Nice To Haves

You are often viewed as the “expert in the room” on building security controls. Development teams know they can depend on you to provide appropriate guidance and build predictable review programs.
You have experience with security in healthcare or other highly regulated space. Examples: HIPAA, HITRUST, SOC 2, PCI, FedRamp experience from an operational response standpoint.

Responsibilities

Work directly with security senior leadership to ensure maturity, depth, and coverage of security controls.
Help facilitate quarterly planning discussions by providing strategic prioritization of all security-related requests, including (but not limited to) architectural feedback, vulnerability remediation, compliance control implementation, etc.
Be fearless in security control descriptions and writing process related elements down.
Review application projects our development teams build.
Own and conduct security/threat model reviews and provide expertise on security architecture-related topics.
Own new projects for advancing security in our environment.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume