Lead Security Engineer - Active Defense
We’re on a mission to bring sanity and clarity to Dev & Ops. We need you to help secure a massively scalable, elegant system that turns trillions of data points per day into meaning for our customers. If you’re excited to work on a fast-moving team with the best open-source data tools at high scale, we want to meet you.
Datadog is building a world-class security team to keep our employees and end users safe from real-world threats. As the Lead Engineer for Active Defense, you will build and lead a team in detecting and responding to threats against the security of Datadog's infrastructure. As the lead, you will operate as subject matter expert, principal responder and team leader. By using existing platforms, building new tools and practicing your honed craft, you will help secure Datadog as we seek to better serve our customers who rely on us every day.
What you will do:
- Analyze known attacker methodology and, in concert with our security development teams, develop solutions to detect and defend against them
- Create new detection capabilities using available software and in-house development
- Develop systems that detect malicious signals in our infrastructure that processes an extremely large amount of data
- Develop and deploy systems that support incident response and forensics in public cloud environments
- Lead security event and incident response efforts
- Build a team of subject matter experts to execute your given mission
- Work with other teams to better tune our tooling and train our staff to detect and defend against advanced attacks
Who you must be:
- You are an experienced subject matter expert in areas related to incident response and threat detection
- You have a track record of applying your skill set in an environment that leverages the public cloud
- You value correctness and efficiency; you leave no stone unturned when diagnosing security issues
- You handle infrastructure with code because automation lets you focus on the more difficult and rewarding problems
- You have production experience with Amazon Web Services and / or GCP
- You want to work in a fast, high-growth startup environment
- You have a documented history of relevant security research or development
- You are fully fluent in Python or Go
- You have experience implementing or working within BeyondCorp-style, zero-trust network and service architectures