Senior Security Engineer - Threat Detection Engineering

The Security Research team at Datadog develops impactful security detection content for Datadog’s Security platform. You will join a diverse team of hackers and builders who launch impactful security products and research via cross-company collaboration, partnerships with the security community and open source initiatives.

As a Senior Security Engineer - Detection Engineering, you will deliver high quality threat detection content sourcing a wide variety of data, especially cloud native datasets and workload runtime events, to detect threats for our customers in near real-time. You will creatively identify ways to provide detection coverage across different technology classes such as public cloud platforms, SaaS applications, endpoint and network technologies, and many more. Together with your team, you will research attacker techniques against modern enterprise technologies and other attack surfaces to evangelize your findings with the community. You’ll apply data-driven insights to generate the highest quality security signal for Datadog customers. As an expert in threat investigations, you may even codify your expertise into our agentic SOC capability. Additionally, you’ll serve as the voice of the customer to continuously provide product feedback through our partner product teams.

At Datadog, we place value in our office culture - the relationships and collaboration it builds and the creativity it brings to the table. We operate as a hybrid workplace to ensure our Datadogs can create a work-life harmony that best fits them.

What You’ll Do:

• Learn everything about detecting threats in modern enterprise environments and pour it back into building a great threat management product for our customers
• Owns the entire detection lifecycle from ideation to production and maintenance
• Research and ideate the most ideal way to operationalize telemetry end-to-end from our data platforms into our threat detection products as detections at scale across thousands of customers
• Mentor and support junior security engineers on the team while functionally leading one or more detection work streams
• Partner with product management, engineering, security research and customers to develop roadmaps of detection content for various integrations and other security concerns
• Design security investigation and responses workflows to enable the instrumentation of our agentic SOC architecture; identify inefficiencies in the AI capabilities and work through engineering to improve its level of precision
• Identify and drive inefficiencies out of content development processes through the creation of innovative tooling, automation and rapid prototyping; shepherd platform issues impacting content development and user experience through engineering to completion
• Evangelize yourself and the Datadog security brand through blog posts, documentation, webinars, and workshops. Present at conferences to highlight the challenges and successes in the field

Who You Are:

• A previous background in detection engineering, incident response or other security operations function
• Experience operating in at least one public cloud platform (AWS, GCP, Azure) and other cloud native technologies (Kubernetes, Docker, Terraform)
• Understanding of modern cloud native attacker techniques and are familiar with technical controls to prevent and detect these attacks
• Proficient understanding of Windows and Linux internals and associated telemetry to detect threats at runtime
• Vast experience detecting and responding to threats at scale through a wide variety of technologies and datasets using a modern detection engineering approach (detection-as-code)
• Basic proficiency with Python, Golang or other programming languages
• Experience measuring the quantitative and qualitative effectiveness of security detections to make data-driven decisions 
• Thrive in navigating ambiguity and ability to bring fresh perspectives to the team

Datadog values people from all walks of life. We understand not everyone will meet all the above qualifications on day one. That's okay. If you’re passionate about technology and want to grow your skills, we encourage you to apply.
To conform to US export control regulations, candidates should be eligible for any required authorizations from the US government. This job is available in various departments within our company; to conform to US export control regulations, some of these roles may require candidates to be eligible for any required authorizations from the US government.

Benefits and Growth: 

• New hire stock equity (RSUs) and employee stock purchase plan (ESPP)
• Continuous professional development, product training, and career pathing
• Intradepartmental mentor and buddy program for in-house networking
• An inclusive company culture, ability to join our Community Guilds (Datadog employee resource groups)
• Access to Inclusion Talks, our internal panel discussions
• Free, global mental health benefits for employees and dependents age 6+
• Competitive global benefits

Benefits and Growth listed above may vary based on the country of your employment and the nature of your employment with Datadog.