About Datadog:
We're on a mission to build the best platform in the world for engineers to understand and scale their systems, applications, and teams. We operate at high scale—trillions of data points per day—allowing for seamless collaboration and problem-solving among Dev, Ops and Security teams globally for tens of thousands of companies. Our culture values pragmatism, honesty, and simplicity to solve hard problems the right way.
The Team:
The Product Detection Engineering team at Datadog develops impactful threat detection content for Datadog’s portfolio of Cloud Security products. As part of the Security Research organization, you will join a diverse team of hackers and builders who launch impactful security products and research via cross-company collaboration, partnerships with the security community and open source initiatives.
We are looking for a Detection Engineer to help drive the Cloud Security Posture Management (CSPM) product. This product helps our customers track the compliance posture of their production environments, automate audit evidence collection, and identify misconfigurations that leave their environments vulnerable to attacks. This product allows our customers to “shift-left” their Cloud environments to stop attacks before they are successful, and is an extremely important component in compliance management.
The Opportunity:
As a Detection Engineer for CSPM, you will deliver detection capabilities to our Security product(s) in order to notify customers when they, or attackers, apply a vulnerable configuration change to their cloud environments. You will creatively identify ways to provide coverage of security frameworks to our customers and identify areas of improvement for technology, process and detection for Datadog. Together with your team, you will research attacker techniques against cloud-native technologies and evangelize your findings with the community.
You Will:
Learn everything about detecting threats in cloud-native environments, and pour it back into building a great product
Proactively research and contextualize critical security compliance frameworks and map those conditions to the CSPM product for security monitoring and framework adherence
Research APIs to discover opportunities for detection and convert policy frameworks to code
Track, research, and experiment with the latest tactics, techniques & procedures for attacking and defending Cloud environments. Operationalize that experience into actionable detection monitoring
Partner with highly technical customers, develop roadmaps for compliance security, listen to their needs, and work with the team to solve their problems
Work closely with other Detection Engineers, Software Engineers, Security Researchers, and Product Managers to identify and prioritize new rules, product features, and areas of improvement
Think like an adversary and perform threat hunts in new sources to find evidence of attacks
Create, write, and deliver content for our community, such as blog posts, documentation, webinars, and workshops. Present at conferences to highlight the challenges and successes in the field
You Are:
You have a track record of identifying attacker techniques, ideally in cloud infrastructure (AWS, GCP, Azure, Kubernetes, etc)
You have experience in interacting with cloud infrastructure (AWS, GCP, Azure) using command line tools or the frontend for secu
You have experience researching and communicating compliance frameworks, both governmental and industry. You have a passion for helping customers use these frameworks to improve their security posture
You are familiar with programming and scripting and are comfortable building and optimizing queries for both key-value and relational databases
You have experience measuring the quantitative and qualitative effectiveness of security controls, queries, and alerts from security and operational logs
You have experience working on teams in offensive or defensive security operations, threat hunting, threat intelligence or incident response
You have a passion for protecting Datadog customers from threat actors by discovering and creating impactful security controls
You have excellent communication skills and are eager to collaborate with teammates, colleagues, and the community
You want to work with other humble researchers, product managers and engineers to make an impact not only on our customers but on the community at large
Why You Should Apply:
Generous and competitive global and US benefits
New hire stock equity (RSUs) and employee stock purchase plan
Continuous career development and pathing opportunities
Product training to develop an in-depth understanding of our product and space
Best in breed onboarding
Internal mentor and buddy program cross-departmentally
Friendly and inclusive workplace culture
In accordance with the Colorado Equal Pay Transparency Rule (“EPT”)
At Datadog, we are committed to providing competitive pay and benefits that are in line with industry standards. We analyze and carefully consider several factors when determining compensation, including your work history and professional experience. These considerations can potentially cause your compensation to vary.
The Detection Engineer, Product - CSPM role has an annual starting salary of $130,000, and a competitive equity package. The actual pay may be higher depending on your skills, qualifications, and experience. In addition, Datadog offers a wide range of employee benefits. To learn more about Benefits click here.
This is a remote position
Equal Opportunity at Datadog:
Datadog is an Affirmative Action and Equal Opportunity Employer and is proud to offer equal employment opportunity to everyone regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, veteran status, and more. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements.
Your Privacy:
Datadog (NYSE: DDOG) is a prominent global SaaS provider that uniquely balances growth and profitability. It offers cloud-scale monitoring and security by combining metrics, traces, and logs within one platform.