Program Manager - Security Compliance Education, Training and Awareness
About Datadog:
We're on a mission to build the best platform in the world for engineers to understand and scale their systems, applications, and teams. We operate at high scale—trillions of data points per day—allowing for seamless collaboration and problem-solving among Dev, Ops and Security teams globally for tens of thousands of companies. Our engineering culture values pragmatism, honesty, and simplicity to solve hard problems the right way.
The Opportunity:
Datadog is looking for a Security, Privacy and Compliance Program Manager responsible for Datadog’s continuous information security and privacy training, education and awareness program. This role is expected to collaborate with Information Security, Engineering, Legal and other stakeholders to establish a meaningful roadmap. You will implement a program that helps establish a culture of security and privacy by design. You will leverage your experience on what does and does not work to implement diverse and creative training, awareness and communication methods to deliver meaningful content to the organization.
You will actively support and manage a variety of collateral and knowledge repositories that serve as enablers for other teams such as sales and customer support roles. Your familiarity with industry-standard frameworks (e.g. SOC 2, HIPAA, GDPR, NIST 800-53, ISO 27001) will help you identify meaningful training and education control requirements and translate them to meaningful business enabling activities.
As part of a small GRC team, you will have the opportunity to step outside of the boundaries of training and education and provide business value and continuous improvement to areas such as internal and external audit support and vendor security review/assessment activities.
If you believe that Security and Compliance translate to business value and enablement as a primary objective, we want to talk to you!
You Will:
- Own and lead Datadog's security, compliance and privacy training, education and awareness roadmap
- Collaborate with key stakeholders across the organization to ensure regulatory requirements are met while adding business value to control owner’s business function.
- Create and deliver training and documentation to help support a culture of security and privacy by design
- Implement scalable processes and curriculums that meet regulatory requirements while effectively keeping up with the organization’s rapid growth
- Provide transparency and clear status reporting through the use of meaningful and actionable scorecards that represent the effectiveness of the program or identify continuous improvement opportunities
You Are:
- You have a BS or equivalent experience.
- You have a minimum of 5-8 years of relevant industry experience
- You have demonstrable experience teaching, mentoring and coaching team members to achieve culturally-changing behaviors that result in treating security and privacy requirements as fundamental operational requirements.
- You have demonstrable experience in successfully working with and positively influencing engineering teams, while understanding their daily challenges and demands.
- You have a working understanding of regulatory regimes and have demonstrable experience leveraging and implementing common control mappings (e.g. GDPR, CCPA, FedRAMP/NIST 800-53, HIPAA, ISO 27001, PCI DSS, HITRUST).
Bonus Points:
- You’ve managed a security and privacy training program for a multi-cloud, technology/engineering-focused, SaaS-based service provider
- Certifications are not a strict requirement but are appreciated.
- You have a background in technical teaching and training and can demonstrate that you have used various training methods and approaches that address the requirements of a diverse set of technical control areas.
- You take pride in your writing ability and have been praised for it.
- You talk like you write; you are clear, concise, confident, and unafraid to make presentations. You have the gravitas and command presence to attend meetings where you’ll represent the concerns of security, sometimes against other organizational pressures, while maintaining positive and productive stakeholder relationships.
- You’re familiar with other cloud-based productivity tools (e.g., JIRA, Confluence, GDocs).
- Compliance Certification a big plus (ISO 27001 Lead Auditor/Implementer, QSA)
Why You Should Apply:
- Generous and competitive global and US benefits
This is a remote position
Equal Opportunity at Datadog:
Datadog is an Affirmative Action and Equal Opportunity Employer and is proud to offer equal employment opportunity to everyone regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, veteran status, and more. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements.
Your Privacy:
Any information you submit to Datadog as part of your application will be processed in accordance with Datadog’s Applicant and Candidate Privacy Notice.