Datavant
healthcare
DetectionEngineer
Neural analysis suggests this role is
optimal for Mid+ candidates.
“Detection Engineer at Datavant. Skills: Detection Engineering, security stack, high-fidelity detections, endpoint security, network security, cloud security, data exfiltration detection, insider risk detection, threat analysis, detection quality improvement, incident investigation, detection strategy refinement, adversary TTP translation, detection automation, detection scalability, detection efficiency. designing, building, and continuously improving detection capabilities across our security s”
Industry & Context.
analytical and critical thinking skills; Ability to investigate complex security events and translate findings into detection improvements
post-offer health screenings, proof and/or completion of various vaccinations such as the flu shot, Tdap, COVID-19, etc., not eligible for employment sponsorship
What They're Looking For.
Must Have
Data Loss Prevention (DLP) tools and workflows like CyberHaven and Microsoft Purview, CrowdStrike and Zscaler (or comparable EDR and network security platforms), Windows event logs and other investigation-relevant artifacts, SIEM platforms, log management systems, and endpoint security tools, analytical and critical thinking skills with exceptional attention to detail, Ability to investigate complex security events and translate findings into detection improvements, Excellent written and verbal communication skills, with the ability to clearly explain complex security concepts, interpersonal skills and the ability to collaborate effectively across security, IT, and engineering teams, Self-driven with a continuous improvement mindset
Nice to Have
building detections mapped to frameworks such as MITRE ATT&CK, scripting or query languages (e.g., Python, KQL, SPL, SQL), insider threat or data exfiltration detection strategies, Background in threat hunting or incident response
What You'll Do.
and continuously improving detection capabilities across our security stack
enabling rapid response through high-fidelity detections
collaboration with Security Operations and Incident Response teams
and maintain detection logic across endpoint
and cloud environments
Create and tune detections using tools such as CrowdStrike
Leverage Cyberhaven to build and enhance data exfiltration and insider risk detections
Analyze logs and telemetry to identify attack patterns
Continuously improve detection quality by reducing false positives and increasing signal fidelity
Partner with Incident Response and Security Operations to investigate alerts and refine detection strategies
Develop and document detection use cases
Stay current with adversary tactics
and procedures (TTPs) and translate them into actionable detections
Contribute to detection automation and engineering initiatives to improve scalability and efficiency
How You'll Work.
Team & Collaboration
collaboration with Security Operations and Incident Response teams; Partner with Incident Response and Security Operations to investigate alerts and refine detection strategies; ability to collaborate effectively across security, IT, and engineering teams
Communication Scope
Excellent written and verbal communication skills, with the ability to clearly explain complex security concepts
Full Job Description
Datavant is the data collaboration platform trusted for healthcare. Guided by our mission to make the world’s health data secure, accessible and actionable, we provide critical data solutions for organizations across the healthcare ecosystem - including providers, health plans, researchers, and life sciences companies. From fulfilling a single patient’s request for their medical records to powering the AI revolution in healthcare, Datavanters are building the future of how data is connected and used to improve health. By joining Datavant today, you’re stepping onto a driven and highly collaborative team that is passionate about creating transformative change in healthcare. What We’re Looking For We are seeking a highly skilled Detection Engineer to join our Detection Engineering team. This role is responsible for designing, building, and continuously improving detection capabilities across our security stack. You will play a critical role in identifying threats, reducing risk, and enabling rapid response through high-fidelity detections and strong collaboration with Security Operations and Incident Response teams. What You Will Do Design, develop, and maintain detection logic across endpoint, network, and cloud environments Create and tune detections using tools such as CrowdStrike, Zscaler, SIEM platforms, and DLP solutions Leverage Cyberhaven to build and enhance data exfiltration and insider risk detections Analyze logs and telemetry to identify attack patterns, anomalies, and emerging threats Continuously improve detection quality by reducing false positives and increasing signal fidelity Partner with Incident Response and Security Operations to investigate alerts and refine detection strategies Develop and document detection use cases, playbooks, and workflows Stay current with adversary tactics, techniques, and procedures (TTPs) and translate them into actionable detections Contribute to detection automation and engineering initiatives to improve scalability a
Applying for this Detection Engineer role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
ANONYMOUS · UNFILTERED
What do employees actually say about Datavant?
Real rants from real employees. Read before you apply.