Security Analyst - Vulnerability Management

About Datadog:

At Datadog, we’re on a mission to build the best monitoring platform in the world. We operate at high scale—trillions of data points per day—providing always-on alerting, metrics visualization, logs, and application tracing for tens of thousands of companies. Our engineering culture values pragmatism, honesty, and simplicity to solve hard problems the right way.

 

The opportunity:

Datadog is looking for a Senior Security Analyst to join our Governance, Risk and Compliance team. The team is responsible for designing and implementing key security controls and technologies, collaborating on engineering and business efforts across the company, and operate as subject matter expert.  By using existing platforms and building new tools, you will help secure Datadog as we seek to better serve the customers who rely on us every day.

 

You will:

  • Manage the discovery, analysis, tracking, and remediation of vulnerabilities across multiple intakes
  • Manage and automate Datadog’s robust Vulnerability Management program
  • Automate and continuously improve compliance programs and controls
  • Design and contribute to mitigation strategies and compensating controls
  • Audit and maintain systems related Vulnerability Management programs
  • Share data and educate Datadog team members on your programs
  • Exercise risk-based judgment to help teams make the right security calls
  • Build security tools and systems to solve capability challenges
  • Evaluate the impact to the organization of current security trends, advisories, publications, and academic research
  • Perform technical vulnerability/risk/threat assessments

 

Requirements:

  • You have a proven track record in security program management, including sizable vulnerability management programs
  • You have production experience with AWS, GCP or Azure, and are comfortable using security tools in these environments
  • You can speak to the technical and business impacts of a vulnerability or bug
  • You handle infrastructure with code because automation lets you focus on the more difficult and rewarding problems
  • You want to work in a fast, high-growth startup environment
  • You have 5+ years relevant technology experience

 

Bonus Points:

  • Familiar with:
    • Authentication and Authorization concepts
    • Design patterns, repeatable guidance, and policy
    • Basic cryptography and key management
    • Development of security services/tools (Python & Go)
    • Network and host monitoring
    • Linux systems administration
    • Continuous Integration infrastructure and Source Code Repositories
  • Relevant Industry Certification (CISSP, CISA, GCIH)
  • Compliance Certification a big plus (ISO 27001 Lead Auditor/Implementer, QSA)
  • Your writing is beyond reproach
  • Verbal communication is your cup of tea

Back to top