Security Engineer II - Cloud Security

Join to apply for the Security Engineer II - Cloud Security role at Datadog

Join to apply for the Security Engineer II - Cloud Security role at Datadog

Get AI-powered advice on this job and more exclusive features.

The Security Research team at Datadog creates and ships impactful security detection content for Datadog’s portfolio of cloud security products. As part of the Security Research organization, you will join a diverse team of hackers and builders who launch impactful security products and research via cross-company collaboration, partnerships with the security community and open source initiatives.

As a Security Engineer II for Cloud Security, you will deliver novel detection content to our cloud security products in order to notify customers when risky cloud configurations, cloud identity risks and potential attack paths are detected in their cloud environments using a plethora of observability and security data. You will creatively identify ways to provide coverage of security frameworks and benchmarks to our customers and identify areas of improvement for technology, process and detection for Datadog.

Together with your team, you will research cloud infrastructure vulnerabilities and misconfigurations, as well as attacker techniques against cloud-native technologies and evangelize your findings with the community. You’ll apply data-driven insights to generate the highest quality security findings for Datadog customers. Additionally, you’ll serve as the voice of the customer to continuously provide product feedback through our partner product teams.

At Datadog, we place value in our office culture - the relationships and collaboration it builds and the creativity it brings to the table. We operate as a hybrid workplace to ensure our Datadogs can create a work-life harmony that best fits them.



What You’ll Do:

• Continuously learn everything about detecting attack paths, identity risks, misconfigurations, and vulnerabilities in cloud-native environments and pour it back into building a great cloud security product for our customers
• Leverage Open Policy Agent (OPA) to build and maintain highly contextualized detections for our Cloud Security Posture Management (CSPM) and Infrastructure-As-Code detection products using OPA’s Rego policy language to protect Datadog customer cloud environments and test those detections end-to-end with Terraform
• Develop risk relationships between a variety of cloud native technologies serving our Cloud Security Graph
• Model cloud native technical controls across a variety of both governmental and commercial compliance frameworks and security benchmarks to help our customers achieve both compliant and secure cloud configuration state
• Partner with product management, engineering, security research and customers to develop roadmaps of content for cloud security and compliance concerns
• Identify and drive inefficiencies out of content development processes through the creation of innovative tooling, automation; shepherd platform issues impacting content development and user experience through engineering to completion
• Evangelize yourself and the Datadog security brand through blog posts, documentation, webinars, and workshops. Present at conferences to highlight the challenges and successes in the field

• A previous background in cloud security engineering, detection engineering, or other cloud security function
• Experience operating in at least one public cloud platform (AWS, GCP, Azure) and other cloud native technologies (Kubernetes, Docker, Terraform)
• Understanding of modern cloud native attacker techniques and familiarity with technical controls to prevent and detect these attacks
• Understanding of compliance and security frameworks and benchmarks in order to map these frameworks to technical controls such as CSPM
• Basic proficiency with Golang and Python programming languages
• Experience measuring the quantitative and qualitative effectiveness of security controls to make data-driven decisions