Security Engineer II - Vulnerability Governance

New York, New York, USA


Datadog is seeking an outstanding Security Engineer to support the Vulnerability Governance program in our growing multi-provider ecosystem. You will identify and drive remediation for vulnerabilities discovered across Datadog's infrastructure, building on platforms to automate the processes in order to triage and prioritize security deviations to closure, and provide insight to the state of security of Datadog. You will collaborate with various security, engineering, and compliance teams to understand technical constraints and compliance requirements, deep-dive into open vulnerabilities to understand and document true risks to our environment, identify solutions that reduce risk, and automate reporting for multiple compliance frameworks.

At Datadog, we place value in our office culture - the relationships and collaboration it builds and the creativity it brings to the table. We operate as a hybrid workplace to ensure our Datadogs can create a work-life harmony that best fits them.

What You'll Do:

  • Work across multiple technologies to perform vulnerability impact assessment, root causes analysis, risk adjustments, and drive  remediation within SLAs. Define vulnerability scanning configurations that satisfy various compliance frameworks
  • Develop, deploy, and maintain services that automate triage analysis and reporting of vulnerabilities for internal and external stakeholders
  • Use custom and third party tools, as well as the Datadog platform, to report, and remediate vulnerabilities
  • Partner with internal and external customers to analyze security reports, identify false positives, and plan fixes required
  • Provide evidence and subject matter expertise for vulnerability management processes and controls for multiple compliance frameworks (such as SOC2, HIPAA, PCI, FedRAMP, ISO etc.)

Who You Are:

  • You have a track record of managing identification, assessment and remediation of vulnerabilities within large software systems
  • You are experienced in one or more programming languages (Golang, Python, Java etc)
  • You have familiarity with vulnerability scanning requirements associated with multiple compliance frameworks (such as CIS, NIST, STIG, PCI etc.)
  • You are experienced with usage of orchestration platforms and container runtimes, infrastructure as code and cloud-native or multi-cloud environment (we use AWS, GCP and Azure)
  • You have experience in driving efficiencies through automation, orchestration and partnerships with external teams
  • You have good knowledge of integrating, analyzing, and communicating relevant metrics for very large data sets
  • You are able to work independently and collaboratively, and communicate effectively in a fast-paced, high growth, distributed organization
  • You have experience presenting the state of vulnerabilities to auditors and customers
  • You have a BS/MS/PhD in a Computer Science, Engineering or related scientific field or equivalent experience
  • To conform to US export control regulations, candidates should be eligible for any required authorizations from the US government

Datadog values people from all walks of life. We understand not everyone will meet all the above qualifications on day one. That's okay. If you’re passionate about technology and want to grow your skills, we encourage you to apply.

Datadog offers a competitive salary and equity package, and may include variable compensation. Actual compensation is based on factors such as the candidate's skills, qualifications, and experience. In addition, Datadog offers a wide range of best in class, comprehensive and inclusive employee benefits for this role including healthcare, dental, parental planning, and mental health benefits, a 401(k) plan and match, paid time off, fitness reimbursements, and a discounted employee stock purchase plan.

The reasonably estimated yearly salary for this role at Datadog is:
$149,000$190,000 USD

About Datadog: 

Datadog (NASDAQ: DDOG) is a global SaaS business, delivering a rare combination of growth and profitability. We are on a mission to break down silos and solve complexity in the cloud age by enabling digital transformation, cloud migration, and infrastructure monitoring of our customers’ entire technology stacks. Built by engineers, for engineers, Datadog is used by organizations of all sizes across a wide range of industries. Together, we champion professional development, diversity of thought, innovation, and work excellence to empower continuous growth. Join the pack and become part of a collaborative, pragmatic, and thoughtful people-first community where we solve tough problems, take smart risks, and celebrate one another. Learn more about #DatadogLife on Instagram, LinkedIn, and Datadog Learning Center.


Equal Opportunity at Datadog:

Datadog is an Affirmative Action and Equal Opportunity Employer and is proud to offer equal employment opportunity to everyone regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, veteran status, and more. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. Here are our Candidate Legal Notices for your reference.

Your Privacy:

Any information you submit to Datadog as part of your application will be processed in accordance with Datadog’s Applicant and Candidate Privacy Notice.