Senior Software Engineer (GRC)

at Datavant

Remote, United States

Datavant is a data logistics company for healthcare whose products and solutions enable organizations to move and connect data securely. We are a data logistics company for healthcare whose products and solutions enable organizations to move and connect data securely. Datavant has a network of networks consisting of thousands of organizations, more than 70,000 hospitals and clinics, 70% of the 100 largest health systems, and an ecosystem of 500+ real-world data partners.

By joining Datavant today, you’re stepping onto a highly collaborative, remote-first team that is passionate about creating transformative change in healthcare. We hire for three traits: we want people who are smart, nice, and get things done. We invest in our people and believe in hiring for high-potential and humble individuals who can rapidly grow their responsibilities as the company scales. Datavant is a distributed, remote-first team, and we empower Datavanters to shape their working environment in a way that suits their needs.

Datavant Secure Governance team is embarking on a mission and transformation to modernize the way our organization meets GRC objectives. GRC engineering will meet this challenge by building and integrating technologies to automate information gathering and testing to maintain transparent security and compliance both internally, with external partners, and regulators. This will empower the security team with data driven answers to make proactive decisions that protect sensitive information!

You will:

  • Have a deep understanding of automating a wide variety of business and technical processes and designing middleware, including big data technologies, normalization strategies, and service bus pipelines. You’ll use this knowledge to streamline and automate various Security functions, including, but not limited to: the vulnerability, risk, audit, and compliance lifecycles. We consider this to be high-impact work for the Security org because you are helping to revolutionize the way we execute traditional Security and Compliance functions. You are replacing daily toil and mistakes with speed and accuracy, freeing our Security and Compliance practitioners to tackle more complex, higher-order challenges.
  • Undertake large processes and carry software development from requirements gathering to production ready, secure, and maintainable solutions. This breadth matters because we are a startup and everyone wears multiple hats. This role encompasses everything from some lightweight project management, some quality control, some customer satisfaction, as well as significant development work.
  • Have a strong understanding of REST and PostMan for integrating systems via API, as we are going to externalize some of our services.
  • Partner with non-developer team leaders, listen to their pain points, and translate challenges into feature requests and solutions, checking in with them frequently to ensure a high customer satisfaction (NPS) for your work, and our team.
  • Be self-aware of scalability challenges and resource limitations. You may hear a complete list of problems or unreasonable asks and be able to discern where to draw the line in feature development for reasonable value, setting reasonable expectations with our customers and working off a sensible roadmap that you share with them to achieve buy-in.
  • Write production ready code. This means code must be stable, resilient, commented, documented, and most of all, meet stringent security requirements because you are a developer within the larger Security org.
  • Be fearless in designing solutions that may require integrating several solutions, processes, requirements together or challenge the way people “have always done things”.
  • Be assertive at creating solutions that can be maintained or monitored by other people or teams. To be scalable, we must create easy to use, maintain, and administer products that we can walk away from when complete.
  • Be thoughtful about modularity and language agnostic access points. What if someone wants to add a new data source using a different language? How can we design where new features can be added by other teams?
  • Be experienced in designing vendor neutral solutions. Security tools change rapidly as our industry adapts to new threats. We must build our solutions with this understanding and design pluggable solutions that minimize tool-change impact.
  • Deploy to highly secure and sensitive environments. Container and/or AWS Lambda experience is a plus.

What you will bring to the table:

  • You are humble.
  • You can read and develop in CSharp, Python, PowerShell, SQL, and Regular Expressions. You have command of these languages.
  • You understand how to design middleware solutions to automate processes and have developed cross-platform solutions.
  • You can articulate start to finish a new project requirements, stories, estimated work, and project plan using Jira.
  • You have opinions and options on most of the steps.
  • You are a consummate collaborator, it’s inherent in your work behavior.
  • You value time deeply and optimize for greatest impact.
  • 6+ years of working in development with a strong focus in backend services.
  • 3+ years of working with REST, GraphQL, and Postman.
  • Strong working knowledge with regular expressions to quickly parse and validate data.
  • Broad scoped projects don’t scare you, they energize you. However, you like to get things done fast (and help others) with limited dependencies.
  • Rapidly documenting and diagramming systems is a natural function you do not wait to be asked to do.

Bonus points if:

  • You have experience integrating security or GRC tools.
  • You have experience writing production application documentation and carrying a project through the SDLC pipeline.
  • You have experience implementing containers and/or AWS Lambda’s
  • Have experience converting .Net projects to being cross platform compatible
  • You are seen by your customers as patient and providing clear solutions with reasonable estimates of work.
  • You have experience writing code to function in highly regulated spaces. Examples: HIPAA/HITRUST, SOC 2, PCI, FedRAMP production environments.

We are committed to building a diverse team of Datavanters who are all responsible for stewarding a high-performance culture in which all Datavanters belong and thrive. We are proud to be an Equal Employment Opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, or other legally protected status.

Our compensation philosophy is to be externally competitive, internally fair, and not win or lose on compensation. Salary ranges for this position are developed with the support of benchmarks and industry best practices.

We’re building a high-growth, high-autonomy culture. We rely less on job titles and more on cultivating an environment where anyone can contribute, the best ideas win, and personal growth is driven by expanding impact. The range posted is for a given job title, which can include multiple levels. Individual rates for the same job title may differ based on their level, responsibilities, skills, and experience for a specific job. The estimated salary range for this role is $170,000,- $220,000.

At the end of this application, you will find a set of voluntary demographic questions. If you choose to respond, your responses will beanonymous and used to help us identify areas of improvement in our recruitment process. (We can only see aggregate responses, not individual responses. In fact, we aren’t even able to see if you’ve responded or not.) Responding is your choice and it will not be used in any way in our hiring process.

More Information

Apply for this job
Share this job

12th Anniversary Top InfoSec Innovator & Black Unicorn Awards for 2024 are now Open! Finalists Notified Before BlackHat USA 2024...