The Core Security Response team plays a vital role in keeping Datadog safe
from security threats by maintaining the stability and integrity of our
systems and data. In this role you will work with engineers across Datadog to
identify, triage, and effectively respond to a wide array of security
threats, ensuring that we contain and regain control as fast as possible. We
are also responsible for analyzing and helping Datadog learn from its security
incidents, working cross-functionally to ensure we have long-term
remediations in place. You will work with other engineers to build tools and
systems to help us realize our mission of keeping Datadog safe.
At Datadog, we place value in our office culture - the relationships and
collaboration it builds and the creativity it brings to the table. We operate
as a hybrid workplace to ensure our Datadogs can create a work-life harmony
that best fits them.
What You'll Do:
Serve as a hands-on technical leader who is accountable for our security
incident response program at Datadog. You can lead by example by joining our
security response rotation and setting the standard for responding to threats.
Identify the best strategic investments we need to make to improve security
incident response, and work with engineering management to develop a
roadmap. Lead the design and implementation of tools, systems, and
programs to improve our IR capabilities and strengthen Datadog's overall
security posture.
Coach and mentor team members in day-to-day activities and serve as an
ambassador for the team across Datadog to advocate our mission.
Collaborate with cross-functional teams across the company to ensure our work
is delivering continuous business value and aligning well with existing
processes. Work with other security teams to develop strategies and prioritize
work to prevent future security incidents.
Investigate, contain and remediate security threats to the company when an
incident is declared. Lead under pressure, make decisions in ambiguous
situations, and collaborate across several teams to drive towards resolution.
Triage automated alerts and signals in Datadog Cloud SIEM so we can respond to
emergent threats that affect Datadog's security. Work with our Threat
Detection team to tune and calibrate these signals so they're maximizing
value.
Conduct post-incident analysis to allow Datadog to learn from its security
incidents, ensuring postmortems are blameless and actionable. Ensure we are
capturing follow-up items that repair systematic issues and prevent repeated
patterns of issues.
Create regular training and drills for the incident response team to ensure
readiness in the event of a security incident. Participate in purple team
exercises, tabletops and cross-functional game days with other security teams.
Stay up-to-date with the latest security trends, threats and technologies to
ensure Datadog is prepared to respond to any type of security incident.
Who You Are:
Around 10 years of experience in security incident response positions dealing
with cloud environments, especially for incidents involving multiple teams
and departments.
You have several years of experience leading cross-team initiatives involving
multiple teams, ideally bridging the security engineering and infrastructure
domains; and you have a strong track record of delivering projects with
business value.
Strong understanding of security technologies and systems, including
firewalls, intrusion detection systems, and authentication systems.
Familiarity with Kubernetes and distributed systems in the cloud, along with
an understanding of their potential failure scenarios, vulnerabilities and
threats that might affect them.
Strong understanding of cloud technologies and hands-on experience with AWS,
GCP, and/or Azure.
Experience with post-incident analysis and writing postmortems to help the
organization learn from incidents. An ability to work cross-functionally to
identify and solve systemic problems.
Experience building and maintaining tools to assist with incident response and
other security tasks. We mainly use Go and Python.
Strong ownership and an ability to work outside your comfort zones to return
Datadog to a stable state when failure does occur, even if it falls outside
team boundaries.
Empathy, collaboration, and excellent communication skills to cultivate
strong relationships across various teams in the organization.
You have the ability to understand and work within complex, large
environments.
Datadog offers a competitive salary and equity package, and may include
variable compensation. Actual compensation is based on factors such as the
candidate's skills, qualifications, and experience. In addition,
Datadog offers a wide range of best-in-class, comprehensive and inclusive
employee benefits for this role including healthcare, dental, parental...
"At Datadog, diversity means making a conscious effort to reflect the many