Senior Information Security Engineer - Vulnerability Management
About Datadog:
At Datadog, we’re on a mission to build the best monitoring platform in the world. We operate at high scale—trillions of data points per day—providing always-on alerting, metrics visualization, logs, and application tracing for tens of thousands of companies. Our engineering culture values pragmatism, honesty, and simplicity to solve hard problems the right way.
The opportunity:
Datadog is looking for a Senior Information Security Engineer to join our Vulnerability Management team. The Vulnerability Management team is responsible for managing the discovery, analysis, tracking, and remediation of vulnerabilities across Datadog’s technical estate. By using existing platforms and building new tools, you will help secure Datadog as we seek to better serve the customers who rely on us every day.
You will:
- Work hand-in-hand with Engineering teams to classify, prioritize and remediate discovered vulnerabilities
- Operate and optimize vulnerability tooling for network, application, and container vulnerabilities
- Provide data-driven recommendations and advise Datadog team members on risks, remediations, and security best practices
- Build, automate and own security processes, tools and systems to solve capability challenges
- Mentor junior team members regarding all aspects of the vulnerability management lifecycle
- Monitor and evaluate the impact of current security trends, advisories, publications, and academic research
Requirements:
- You have 6+ years relevant technology experience
- You have deep experience in vulnerability management
- You can speak to the technical and business impacts of a vulnerability or bug
- You can speak to the technical efforts required to remediate a vulnerability or bug
- You have production experience with AWS, GCP or Azure at scale, and are comfortable deploying and maintaining security tools within these environments
- You can develop proficiently in the Python and/or Go programming language
- You’re familiar with development of web applications at all level - i.e. full-stack development
- You’re familiar with (or even prefer) infrastructure as code and its benefits and challenges
- You use automation of tedious or mundane tasks to enable focus on the more difficult and rewarding challenges
- You want to work in a fast-paced, high-growth environment
Bonus points:
- You are familiar with:
- Authentication and Authorization concepts
- Design patterns, repeatable guidance, and policy
- Basic cryptography and key management
- Development of security services/tools (Python & Go)
- Network and host monitoring
- Linux systems administration
- Continuous Integration infrastructure and Source Code Repositories
- Relevant Industry Certification (CISSP, CISA, GCIH)
- Compliance Certification a big plus (ISO 27001 Lead Auditor/Implementer, QSA)
- Your writing is beyond reproach
- Verbal communication is your cup of tea
Equal Opportunity at Datadog:
Datadog is an Affirmative Action and Equal Opportunity Employer and is proud to offer equal employment opportunity to everyone regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, veteran status, and more. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements.
Your Privacy:
For more information on how we maintain the privacy of the information you submit as part of your application, please refer to our Applicant and Candidate Privacy Notice.