About the role

Truveta provides unprecedented real-world data and real-time intelligence, powered by a dataset built with and owned by US health systems united in a mission of Saving Lives with Data. Together, we power breakthrough medical discoveries, accelerate regulatory-grade evidence, and improve patient care. Today, Truveta enables research on more than 130 million de-identified patients across the US.

Achieving Truveta’s ambitious mission requires an incredible team of talented and inspired people with a special combination of health, software and big data experience who share our company values.

Role Overview

We are looking for a Senior Security Engineer to drive vulnerability management and penetration testing across applications and infrastructure.

This role is focused on hands-on identification, validation, and remediation of security issues, with an emphasis on building scalable processes and improving overall security posture.

Key Responsibilities

Own and operate the vulnerability management lifecycle, including:

Continuous scanning (applications, infrastructure, dependencies)

Risk-based prioritization

Tracking and driving remediation

Perform penetration testing on web applications, APIs, and cloud environments.

Validate and triage vulnerabilities to eliminate false positives and ensure actionable findings.

Partner with engineering teams to fix vulnerabilities and prevent recurrence.

Implement and manage tools for:

SAST, DAST, and dependency scanning

Infrastructure and container scanning

Develop repeatable testing methodologies and automation.

Conduct adversarial testing and exploit validation to simulate real-world attack scenarios.

Track metrics and report on risk posture and remediation progress.

Contribute to improving secure development practices based on findings.

Required Qualifications

5–9+ years of experience in security engineering, vulnerability management, or penetration testing.

Hands-on experience with:

Web and API security testing

Common vulnerabilities (OWASP Top 10, misconfigurations, auth flaws)

Strong understanding of attack techniques and exploitation methods.

Experience with security scanning tools and frameworks.

Ability to analyze and validate vulnerabilities in real-world systems.

Familiarity with cloud environments (Azure preferred).

Preferred Qualifications

Experience with automating security testing in CI/CD pipelines.

Familiarity with container and Kubernetes security.

Skills & Tags
go aws azure kubernetes ai ios data

Aplyr's read

Truveta leverages healthcare data to enhance patient outcomes and drive medical research, attracting professionals in data science, software engineering, and clinical analytics.
Synthesized from recent postings & public sources

What's promising

•Truveta's platform offers a unique opportunity to work on cutting-edge healthcare data analytics.
•The company is deeply involved in advancing medical research through data-driven insights.
•Truveta's focus on improving patient outcomes aligns with meaningful, impactful work.

What to watch

•Limited public information about Truveta's financial stability and long-term viability.
•The company operates in a highly regulated industry, potentially leading to compliance challenges.
•Rapid growth may result in evolving job roles and responsibilities.

Why Truveta

•Truveta integrates vast healthcare data to provide actionable insights for medical research.
•The company employs a diverse range of roles, from clinical terminologists to AI/ML engineers.
•Truveta's mission-driven approach focuses on tangible improvements in patient care.

Aplyr’s read is generated by AI from public sources. Was it useful?