Companies Truveta Senior Security Engineer – Vulnerability Management & Penetration Testing

About the role

Truveta · Onsite

Truveta provides unprecedented real-world data and real-time intelligence, powered by a dataset built with and owned by US health systems united in a mission of Saving Lives with Data. Together, we power breakthrough medical discoveries, accelerate regulatory-grade evidence, and improve patient care. Today, Truveta enables research on more than 130 million de-identified patients across the US.  

Achieving Truveta’s ambitious mission requires an incredible team of talented and inspired people with a special combination of health, software and big data experience who share our company values.

Role Overview 

We are looking for a Senior Security Engineer to drive vulnerability management and penetration testing across applications and infrastructure. 

This role is focused on hands-on identification, validation, and remediation of security issues, with an emphasis on building scalable processes and improving overall security posture. 

 

Key Responsibilities 

  • Own and operate the vulnerability management lifecycle, including:  
  • Continuous scanning (applications, infrastructure, dependencies)  
  • Risk-based prioritization  
  • Tracking and driving remediation  
  • Perform penetration testing on web applications, APIs, and cloud environments.  
  • Validate and triage vulnerabilities to eliminate false positives and ensure actionable findings.  
  • Partner with engineering teams to fix vulnerabilities and prevent recurrence 
  • Implement and manage tools for:  
  • SAST, DAST, and dependency scanning  
  • Infrastructure and container scanning  
  • Develop repeatable testing methodologies and automation 
  • Conduct adversarial testing and exploit validation to simulate real-world attack scenarios.  
  • Track metrics and report on risk posture and remediation progress 
  • Contribute to improving secure development practices based on findings.  

 

Required Qualifications 

  • 5–9+ years of experience in security engineering, vulnerability management, or penetration testing 
  • Hands-on experience with:  
  • Web and API security testing  
  • Common vulnerabilities (OWASP Top 10, misconfigurations, auth flaws)  
  • Strong understanding of attack techniques and exploitation methods 
  • Experience with security scanning tools and frameworks 
  • Ability to analyze and validate vulnerabilities in real-world systems 
  • Familiarity with cloud environments (Azure preferred) 

 

Preferred Qualifications 

  • Experience with automating security testing in CI/CD pipelines 
  • Familiarity with container and Kubernetes security 
  • Experience with bug bounty or red teaming 
  • Relevant certifications (e.g., OSCP, CEH, GWAPT).  

 

What We’re Looking For 

  • Strong hands-on tester and problem solver 
  • Ability to go beyond tools and think like an attacker 
  • Focus on impact-driven security, not just findings. 
Ready to apply to Truveta?
Apply to Truveta

Similar jobs

Sign up for suggestions tailored to the jobs you open and the searches you save.

Apply now
🤖

Whoa — hold up

JobsRadar was built for real people having a rough time in their job search — not for automated requests. You're clicking way too fast and you're now temporarily blocked.

Come back later. If you're genuinely job hunting, we've got your back — just act like a human.

Catch your next role the second it’s posted.

Create a free account and we’ll watch the boards for you — the instant a job matches your search, it lands in your inbox or Telegram. No digging, no refreshing.

Create free account

Free forever · takes 30 seconds · already have one?

Get the worldwide-remote edge.

Join our Telegram channel for the stuff that helps you land the role — salary benchmarks, the weekly market pulse, and new-feature drops. No spam, just signal.

Join the channel — it's free