Senior Security Engineer - Application Security

Datadog - New York, NY

posted 3 months ago

Full-time - Senior
New York, NY
Computing Infrastructure Providers, Data Processing, Web Hosting, and Related Services

About the position

As a Senior Application Security Engineer at Datadog, you will play a crucial role in enabling developers to build secure applications. This position involves working closely with Datadog engineering teams to establish secure-by-default practices across widely adopted platforms. You will provide essential application security operational services, including conducting security reviews, offering developer security education, and managing product security incident responses. This role presents a unique opportunity to leverage Datadog's robust product suite, which includes Logs, Dashboards, Service Catalog, and Application Performance Monitoring (APM). You will not only build out security services but also collaborate with engineers who prioritize strong security and reliability ownership. Your contributions will significantly shape security practices across our rapidly evolving platforms. In this role, you will gain a deep understanding of Datadog's software development life cycle, software supply chain, build pipelines, delivery mechanisms, and configuration management. You will lead the development and implementation of secure-by-default solutions across various applications and platforms. Conducting threat modeling on new and existing products with engineering teams using frameworks such as STRIDE will be a key responsibility. Additionally, you will design and lead developer security training to enhance design and coding best practices. Working with engineering teams, you will align new features to achieve world-class security, identify top company threats across products and services, and prioritize remediation efforts. Your ability to empathize with both our customers and engineers will be essential as you advocate for effective solutions that scale with the needs of our business and our customers. You will also serve as a subject matter expert for other teams regarding building, delivering, and deploying code at Datadog, providing mentorship and guidance to junior security engineers.

Responsibilities

  • Get a deep understanding of Datadog's software development life cycle, software supply chain, build pipelines, delivery mechanisms and configuration management.
  • Lead the development and implementation of secure-by-default solutions across various applications and platforms.
  • Conduct threat modeling on new and existing products with engineering teams using frameworks such as STRIDE.
  • Design and lead developer security training to enhance design and coding best practices.
  • Work with engineering teams to align new features to achieve world-class security.
  • Identify top company threats across products and services and prioritize remediation efforts.
  • Empathize with the full spectrum of our customers and our engineers by advocating for effective solutions that scale with the needs of our business and our customers.
  • Serve as a subject matter expert for other teams regarding building, delivering, and deploying code at Datadog.
  • Provide mentorship and guidance to junior security engineers.

Requirements

  • Background in Application Security - OWASP Top 10, XSS, injection, access control, cryptography, static analysis security testing (SAST), dynamic analysis security testing (DAST), security libraries.
  • Background in software engineering or development in a collaborative environment. Go, Python are preferred.
  • Ability to lead the development and implementation of secure-by-default solutions across various applications and platforms.
  • Experience implementing secure by default framework, libraries, and solutions.
  • Ability to perform secure design reviews and threat models with staff engineers and architects on complex systems.
  • Empathy, collaboration skills, and a learning mindset to work cross functionally with engineers of all levels from product and platform teams across Datadog stack.
  • Proven track record of driving security initiatives with leadership and engineering buy-in.

Nice-to-haves

  • Passion for technology and a desire to grow skills.

Benefits

  • New hire stock equity (RSUs) and employee stock purchase plan (ESPP).
  • Continuous professional development, product training, and career pathing.
  • Intradepartmental mentor and buddy program for in-house networking.
  • An inclusive company culture, ability to join our Community Guilds (Datadog employee resource groups).
  • Access to Inclusion Talks, our internal panel discussions.
  • Free, global mental health benefits for employees and dependents age 6+.
  • Competitive global benefits including healthcare, dental, parental planning, and mental health benefits, a 401(k) plan and match, paid time off, fitness reimbursements, and a discounted employee stock purchase plan.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service