Sr. Analyst, GRC Systems and Processes - job 2 of 2

About Datadog: 

We're on a mission to build the best platform in the world for engineers to understand and scale their systems, applications, and teams. We operate at high scale—trillions of data points per day—providing always-on alerting, metrics visualization, logs, and application tracing for tens of thousands of companies. Our engineering culture values pragmatism, honesty, and simplicity to solve hard problems the right way.

The team:

Datadog is looking for a Sr. Analyst, GRC Systems and Processes to join the GRC team. The team is responsible for collaborating with control owners (e.g. engineering and other business units) to consult and provide guidance for the design and implementation of key security controls and technologies. The team’s objective is to ensure that control requirements are informed by Datadog’s current control implementations and translated in a way that leads to clear action planning, maintenance and remediation by control owners. The team also manages and coordinates the complete internal and external audit lifecycle. This role is responsible for implementing tools, standards, processes and workflows that help automate and streamline all aspects of the GRC team’s responsibilities. This role has an opportunity to establish long-lasting, scalable and repeatable practices that are necessary to support Datadog’s rapid growth!

If you thrive in a small-team environment, where strong collaboration, partnership, continuous improvement and the opportunity to wear a variety of hats is a must-Datadog is very interested in talking to you!

 The opportunity:

• Implement tools and automated procedures to manage all aspect of GRC, partnering with Datadog’s Compliance Operations team to streamline the audit management lifecycle 
• Ensure that tools and processes are properly integrated with organizational systems of record
• You will use your GRC experience to design and implement cross functional GRC workflows that scale and provide measurable improvements
• Collaborate with various stakeholders to ensure their standard work standards and tools are incorporated into a cohesive GRC solution
• Support other GRC team members by serving as a backup to security efforts to acquire and maintain industry certification.
• As needed and as time permits, provide solutions consulting using modern technology to allow Datadog’s security and engineering teams to move quickly and adapt to an evolving threat landscape.
• Coordinate the implementation of technical architecture and engineering requirements
• Document Datadog practice to provide transparency to customers, prospects and other stakeholders.
• Create and maintain automated solutions to uphold Datadog’s continuous compliance with a broad set of industry and federal regulations.
• Drive compliance efforts to enable Datadog to enter increasingly regulated markets.

Requirements:

• You have a BS or equivalent experience.
• You have a minimum of 5 years of relevant industry experience.
• Your writing is beyond reproach.
• You are fanatical about the documentation of clear requirements that require cross functional cooperation
• You have demonstrable experience implementing GRC tools and automated processes that have had a measurable efficiency and scalable impact
• You have deep understanding on how to address challenges and avoid potential pitfalls in the implementation of GRC tools in an organization that uses a variety of work management systems and different processes
• You have demonstrable experience collaborating with engineering teams to help them understand control requirements and methodical implementation approaches that are informed by current practices.
• You have successfully managed and completed a third-party, security audit engagement, in a cloud native environment, that resulted in securing authorization, certification of compliance status. 
• Exposure to multiple compliance and regulatory regimes (e.g. FedRAMP (NIST 800-53), HIPAA, ISO 27001, PCI DSS).
• You want to work in a fast paced, high growth environment that values pragmatism and initiative.
• You have a hunger to become a subject matter expert in a variety of security frameworks!

Bonus points:

• Relevant Industry Certification (CISSP, CISA, GCIH).
• Compliance Certification (ISO 27001 Lead Auditor/Implementer, QSA).
• Experience with Python or Go scripting.
• Verbal communication is your cup of tea.

This is a remote position

class="content-conclusion">

Equal Opportunity at Datadog:

Datadog is an Affirmative Action and Equal Opportunity Employer and is proud to offer equal employment opportunity to everyone regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, veteran status, and more. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements.

Your Privacy:

Any information you submit to Datadog as part of your application will be processed in accordance with Datadog’s Applicant and Candidate Privacy Notice.