Detection Engineer, Product - Cloud Workload Security
About Datadog:
We're on a mission to build the best platform in the world for engineers to understand and scale their systems, applications, and teams. We operate at high scale—trillions of data points per day—allowing for seamless collaboration and problem-solving among Dev, Ops and Security teams globally for tens of thousands of companies. Our culture values pragmatism, honesty, and simplicity to solve hard problems the right way.
The Team:
The Product Detection Engineering team at Datadog develops impactful threat detection content for Datadog’s portfolio of Cloud Security products. As part of the Security Research organization, you will join a diverse team of hackers and builders who launch impactful security products and research via cross-company collaboration, partnerships with the security community and open source initiatives.
We are looking for a Detection Engineer to help drive the Cloud Workload Security product, which protects Linux hosts and containers in our customers’ production environments. We’re taking a new approach to cloud security at Datadog by leveraging detailed observability data in a cloud-native way. This detailed observability data has been used by DevOps and Software Engineering teams successfully since our inception, and now Datadog is helping Security teams with their use case.
The Opportunity:
As a Detection Engineer for Cloud Workload Security, you will research all the ways that production workloads, from Linux EC2 instances and Docker containers to Kubernetes clusters, pods, and deployments, can be attacked, in order to help organizations protect their infrastructure from modern attack vectors. Your implementations will be used by our customers to improve their threat detection and to harden their configurations. Together with your team, you will research the latest attacks against cloud-native technologies and evangelize your findings with the community.
You Will:
- Track, research, and experiment with the latest tactics, techniques & procedures for attacking and defending Cloud, Container and Production environments. Operationalize that experience into actionable detection monitoring.
- Work closely with other Detection Engineers, Security Researchers and Product Managers to identify and prioritize new rules, product features, and areas of improvement
- Think like an adversary and perform threat hunts in new sources to find evidence of attacks
- Partner with highly technical customers, develop roadmaps for workload security, listen to their needs, and work with the team to solve their problems
- Create, write, and deliver content for our community, such as blog posts, documentation, webinars, and workshops. Present at conferences to highlight the challenges and successes in the field
You Are:
- You have deep knowledge of the Linux operating system
- You are comfortable with DevOps concepts surrounding cloud environments and can build an environment to test attacks and detections
- You are curious and passionate about identifying threats in Linux infrastructure, ideally in the cloud (AWS, GCP, Azure, Kubernetes, etc.)
- You have experience measuring the effectiveness of security controls, queries and alerting from security and operational logs
- You are familiar with programming and scripting and are comfortable building and optimizing queries for both key-value and relational databases
- You have experience working on teams in offensive or defensive security operations, threat hunting, threat intelligence or incident response
- You believe in making an impact on Datadog customers by protecting them from threat actors
- You have excellent communication skills and are eager to collaborate with teammates, colleagues, and the community
- You want to work with other humble researchers, product managers and engineers to make an impact on not only our customers but also the community
Why You Should Apply:
- Generous and competitive global and US benefits
- New hire stock equity (RSUs) and employee stock purchase plan
- Continuous career development and pathing opportunities
- Product training to develop an in-depth understanding of our product and space
- Best in breed onboarding
- Internal mentor and buddy program cross-departmentally
- Friendly and inclusive workplace culture
In accordance with the Colorado Equal Pay Transparency Rule (“EPT”)
At Datadog, we are committed to providing competitive pay and benefits that are in line with industry standards. We analyze and carefully consider several factors when determining compensation, including your work history and professional experience. These considerations potentially can cause your compensation to vary.
The Detection Engineer, Product - Cloud Workload Security role has an annual starting salary of $130,000, and a competitive equity package. The actual pay may be higher depending on your skills, qualifications, and experience. In addition, Datadog offers a wide range of employee benefits.
This is a remote position.
Equal Opportunity at Datadog:
Datadog is an Affirmative Action and Equal Opportunity Employer and is proud to offer equal employment opportunity to everyone regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, veteran status, and more. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements.
Your Privacy:
Any information you submit to Datadog as part of your application will be processed in accordance with Datadog’s Applicant and Candidate Privacy Notice.