Security Engineer

Security Engineer  

Truveta is the world’s first health provider led data platform with a vision of Saving Lives with Data. Our mission is to enable researchers to find cures faster, empower every clinician to be an expert, and help families make the most informed decisions about their care. Achieving Truveta’ s ambitious vision requires an incredible team of talented and inspired people with a special combination of health, software and big data experience who share our company values. 

This position is based out of our headquarters in the Greater Seattle Area and requires onsite presence 5 days per week. #LI-onsite

Who We Need

Truveta is rapidly building a talented and diverse team to tackle complex health and technical challenges. We are seeking candidates inspired by the opportunity to securely apply data in the development of real-world health solutions. Beyond core capabilities, we seek problem solvers, passionate and collaborative teammates, and those willing to roll up their sleeves while making a difference. We do things the right way. Our commitment to security and compliance assurance cannot be stressed enough. This position is critical to ensuring we are successful.

If you are interested in the opportunity to pursue purposeful work, join a mission-driven team, and build a rewarding career while having fun, Truveta may be the perfect fit for you.

This Opportunity   

Success in the healthcare industry is predicated on a foundation of trust. We demonstrate our trustworthiness as stewards of health data through three foundational pillars: security, privacy, and compliance.

The successful candidate will design, implement and support solutions that support the company’s Digital Workplace strategy. They will work on leading edge technologies that help modernize endpoint management by leveraging the cloud to quickly deliver end-user improvements.

Responsibilities

Data Security & Governance Engineering

• Design, implement, and operate data discovery and classification programs across structured and unstructured data sources
• Define and maintain data classification standards, labels, and handling requirements aligned with business and regulatory needs
• Deploy, tune, and maintain data security and governance tooling (e.g., Microsoft Purview, DLP, Defender for Cloud Apps, DSPM platforms)
• Integrate data discovery, classification, and exposure signals into security and governance workflows
• Partner with engineering and data platform teams to embed secure-by-design data governance controls into data pipelines and cloud services
• Continuously improve visibility into where sensitive data lives, how it is accessed, and how it is protected

Vulnerability & Exposure Management

• Own and operate vulnerability management efforts with a focus on risks that impact sensitive data
• Identify and assess data exposure risks caused by cloud misconfigurations, excessive permissions, insecure APIs, and weak access controls
• Correlate vulnerability and exposure data with data sensitivity and business impact to drive risk-based prioritization
• Track remediation actions to completion and validate the effectiveness of implemented fixes
• Provide clear reporting on vulnerability trends, data exposure risk, and remediation progress

Proactive Data Security & Risk Reduction

• Proactively identify shadow data stores, over-shared resources, and misclassified sensitive data
• Monitor and continuously improve data security posture, including access controls, encryption, and data lifecycle protections

Key Qualifications

• Bachelor’s degree in Cyber Security, Computer Science, Information Security, Information Systems, or a related field, or equivalent practical experience
• 5+ years of experience in Security Engineering, Data Security, Cloud Security, Vulnerability Management, or Governance-focused roles
• Hands-on experience with data discovery, classification, and governance tools (e.g., Microsoft Purview, DLP, DSPM platforms)
• Strong understanding of data security concepts, including classification, encryption, access control, data lifecycle management, and least privilege
• Experience operating or contributing to vulnerability management programs, including prioritization and remediation tracking
• Solid understanding of Azure cloud architecture, data services, and native security controls
• Familiarity with identity and access management (Azure Entra ID, RBAC) as it relates to data access and exposure risk
• Knowledge of regulatory and compliance frameworks impacting data security (e.g., SOC 2, HIPAA, GDPR, ISO 27001)
• Strong written and verbal communication skills, with the ability to explain data risk to both technical and non-technical stakeholders
• Ability to work cross-functionally and influence without direct authority
• Relevant certifications such as SC-400 (Information Protection), SC-300, Azure Security Engineer Associate, CISSP, CISM, CCSP, or similar are strongly preferred

Preferred Qualifications

• Ability to be a self-starter and motivated to help Engineering teams understand cyber security best practices
• Experience with SAST, DAST, OSS, web-app pen-test, and offensive security assessment tools
• Knowledge and experience with information security controls, infrastructure, and implementation techniques
• Experience in improving vulnerability remediation requirements
• Experience in delivering product security in one or more public clouds (Azure, AWS, GCP)
• Experience in securely operating highly distributed systems with published SLAs
• Experience with supporting engineering compliance, e.g., HIPAA, ISO, SOC2, FDA
• Certifications in Information Security, e.g., GSEC, GCWN, GDSA, CISSP, HCISP, CCSP, CRISC, CISM, Security+, or other security relevant accreditations
• Offensive Security certifications are a plus, e.g., GCIH, GPEN, GXPN, OSCP, OSEE, CEH

Why Truveta?  

Be a part of building something special. Now is the perfect time to join Truveta. We have strong, established leadership with decades of success. We are well-funded. We are building a culture that prioritizes people and their passions across personal, professional and everything in between. Join us as we build an amazing company together. 

We Offer:

• Interesting and meaningful work for every career stage
• Great benefits package
• Comprehensive benefits with strong medical, dental and vision insurance plans
• 401K plan
• Professional development & training opportunities for continuous learning
• Work/life autonomy via flexible work hours and flexible paid time off
• Generous parental leave
• Regular team activities (virtual and in-person)
• The base pay for this position is $115,000 to $140,000. The pay range reflects the minimum and maximum target. Pay is based on several factors including location and may vary depending on job-related knowledge, skills, and experience. Certain roles are eligible for additional compensation such as incentive pay and stock options.

If you are based in California, we encourage you to read this important information for California residents linked here.

Truveta is committed to creating a diverse, inclusive, and empowering workplace. We believe that having employees, interns, and contractors with diverse backgrounds enables Truveta to better meet our mission and serve patients and health communities around the world. We recognize that opportunities in technology historically excluded and continue to disproportionately exclude Black and Indigenous people, people of color, people from working class backgrounds, people with disabilities, and LGBTQIA+ people. We strongly encourage individuals with these identities to apply even if you don’t meet all of the requirements.

Please note that all applicants must be authorized to work in the United States for any employer as we are unable to sponsor work visas or permits (e.g. F-1 OPT, H1-B) at this time. We appreciate your interest in the position and encourage you to explore future opportunities with us.