Senior Threat Detection Engineer - Insider Threat

The Detection Engineering and Threat Hunting team builds high-fidelity detection content. We partner closely with internal stakeholders and leverage Datadog’s own security products to continuously evolve our detection and response capabilities.

As a Senior Detection Engineer focused on insider threats, you’ll help drive the roadmap and take ownership of designing, deploying, and tuning detections that identify misuse of access, process mistakes, and external access to internal infrastructure. You’ll work closely with Legal, HR, and Trust & Safety to handle sensitive cases with discretion, while continuously refining signal fidelity and reducing noise.

At Datadog, we place value in our office culture - the relationships and collaboration it builds and the creativity it brings to the table. We operate as a hybrid workplace to ensure our Datadogs can create a work-life harmony that best fits them.

What You’ll Do:

• Learn everything about detecting threats in modern enterprise environments and turn those insights into detections, automations, and defenses that make Datadog more secure.
• Develop detections that uncover misuse of internal tooling and services, helping expose risky or unauthorized activity.
• Owns the entire detection lifecycle from ideation to production and maintenance
• Partner with the Threat Intelligence team to research threats and improve visibility across Datadog’s environment.
• Mentor and support junior security engineers on the team while functionally leading one or more detection work streams.
• Identify inefficiencies in the detection development processes and create  innovative tooling and automation to accelerate development

Who You Are:

• You have experience in detection engineering, threat hunting, or security operations with a focus on insider risk, user behavior, or identity-centric threats.
• You’re comfortable analyzing telemetry from identity systems (e.g., Okta, Google Workspace), SaaS apps, endpoints, and cloud platforms to detect anomalies and misuse.
• Experience working closely with threat intelligence teams to research threats and translate insights into detections.
• Experience detecting threats through a wide variety of technologies and datasets using a modern detection engineering approach
• Expert proficiency with Python, Golang or other programming languages
• Experience measuring the quantitative and qualitative effectiveness of security controls to make data-driven decisions 

Datadog values people from all walks of life. We understand not everyone will meet all the above qualifications on day one. That's okay. If you’re passionate about technology and want to grow your skills, we encourage you to apply.

Benefits and Growth: 

• New hire stock equity (RSUs) and employee stock purchase plan (ESPP)
• Continuous professional development, product training, and career pathing
• Intradepartmental mentor and buddy program for in-house networking
• An inclusive company culture, ability to join our Community Guilds (Datadog employee resource groups)
• Access to Inclusion Talks, our internal panel discussions
• Free, global mental health benefits for employees and dependents age 6+
• Competitive global benefits

Benefits and Growth listed above may vary based on the country of your employment and the nature of your employment with Datadog.
To conform to US export control regulations, candidates should be eligible for any required authorizations from the US government. This job is available in various departments within our company; to conform to US export control regulations, some of these roles may require candidates to be eligible for any required authorizations from the US government.