Lead Security Analyst - FedRAMP

We’re on a mission to bring trustworthiness and transparency to DevOps. We need you to help secure a massively scalable, elegant system that turns billions of data points per day into meaning for our customers. If you’re excited to work on a fast-moving team with the best open-source data tools at high scale, we want to meet you.

As the Lead Security Analyst - FedRAMP, you will be responsible for building, leading, and supporting ongoing FedRAMP compliance activities at Datadog. You will monitor and respond to efforts across different U.S. Government regulations and standards such as FedRAMP, NIST, FIPS, FISMA, DISA SRG, DISA and STIGs, as applicable.

You will provide leadership and subject matter expertise for the design, implementation, operations, management, and maintenance of the Datadog product in all aspects of Information Assurance and Information Security as it relates to Datadog’s FedRAMP activities. This includes being able to assess and mitigate system security threats and risks, validate system security requirements, analyze and collaborate on system security designs, verify compliance with system security requirements, perform system audits and testing, support security compliance audits, and act as liaison with other departments and business units to support ongoing system security operations and maintenance.

What you will do:

  • Manage day to day operations of Datadog’s Federal Security program
  • Lead security efforts in pursuit of U.S. Government accreditations (FedRAMP, NISPOM, DIACAP)
  • Synthesize complex customer documents (MSAs, Security Addendums, etc.) into concrete requirements for the Datadog Engineering, Legal and Finance teams
  • Document Datadog practices to provide transparency to customers, prospects and other stakeholders
  • Communicate directly with Datadog customers, prospects and other stakeholders
  • Drive compliance efforts to enable Datadog to enter increasingly regulated markets
  • Track progress toward implementation of compliance objectives
  • Design defensive policies that allow the Datadog security and general engineering teams to move quickly and adapt to an evolving threat landscape
  • Serve as mentor to junior staff, sharing technical depth and understanding of complex information security requirements with others to improve team performance

Who you are

  • You have a BS or a minimum of 10 years of relevant industry experience
  • You have a proven track record working in security policy, compliance, information security operations or security consulting
  • You value correctness and efficiency, and leave no stone unturned when reviewing documentation
  • Exceptional attention to detail
  • You want to work in a fast, high-growth startup environment
  • You are a US Citizen or Permanent Lawful Resident

Bonus points

  • Relevant Industry Certification (CISSP, CISA, GIAC)
  • You’ve led a team before
  • Compliance Certification a big plus (Prior 3PAO, ISO 27001 Lead Auditor/Implementer, QSA)
  • You feel comfortable and enjoy talking to highly technical engineering teams
  • Your writing is beyond reproach
  • Verbal communication is your cup of tea
  • Deep exposure to multiple compliance and regulatory regimes (e.g. FedRAMP, GDPR, HIPAA, ISO 27001, PCI DSS)
