Senior Security Engineer, Security Incident Response Team (SIRT)

<p data-renderer-start-pos="1">The Security Incident Response Team (SIRT) plays a vital role in keeping Datadog safe from cybersecurity threats, defending the organization against threat actors, and maintaining the trust of our customers by ensuring their data remains protected. In this role, you will work closely with teams across Datadog to identify, triage, and respond to a wide range of threats, ensuring that we can contain any incidents as quickly as possible. You will also contribute to the tools and systems that make us more effective in our mission, and help ensure we have cross-functional learning from incidents to improve our defensive posture going forward.</p> <p data-renderer-start-pos="651"><em data-renderer-mark="true">At Datadog, we place value in our office culture - the relationships and collaboration it builds, and the creativity it brings to the table. We operate as a hybrid workplace to ensure our Datadogs can create a work-life harmony that best fits them.</em></p> <p data-renderer-start-pos="904"><strong data-renderer-mark="true">What You’ll Do:</strong></p> <ul class="ak-ul" data-indent-level="1"> <li> <p data-renderer-start-pos="923">Partner with our Cyber Threat Intelligence and Detection Engineering teams to identify threats to Datadog and ensure we have appropriate, accurate, high-signal detections for those threats.</p> </li> <li> <p data-renderer-start-pos="1116">Triage escalated alerts to determine whether a security incident is occurring or may occur imminently.</p> </li> <li> <p data-renderer-start-pos="1222">Respond to security incidents, whether as an incident commander or as an incident responder</p> </li> <li> <p data-renderer-start-pos="1317">Make us more efficient through building tools and automations that eliminate repetitive processes</p> </li> <li> <p data-renderer-start-pos="1418">Help us improve our overall security posture through post-incident reviews, tabletop and purple team exercises, and process/runbook improvements.</p> </li> <li> <p data-renderer-start-pos="1567">Participate in a light on-call rotation.</p> </li> </ul> <p data-renderer-start-pos="1614"><strong data-renderer-mark="true">Who You Are:</strong></p> <ul class="ak-ul" data-indent-level="1"> <li> <p data-renderer-start-pos="1630">You have at least 5 years of experience in security incident response, threat hunting, security operations, cloud security, or other operational security domains.</p> </li> <li> <p data-renderer-start-pos="1796">You’ve worked with at least one public cloud platform (AWS, GCP, or Azure) and cloud-native technologies like Kubernetes, Docker, or Terraform.</p> </li> <li> <p data-renderer-start-pos="1943">You have a strong understanding of cloud-native threat actor TTPs and corresponding defensive controls and actively stay up to date with the threat landscape from various blogs, whitepapers, and conference talks.</p> </li> <li> <p data-renderer-start-pos="2159">You’ve used a wide range of technologies and datasets to detect threats in cloud and enterprise environments</p> </li> <li> <p data-renderer-start-pos="2271">You have experience building and supporting tools for incident response and forensic use cases using Python, Go, or similar programming languages.</p> </li> </ul> <p data-renderer-start-pos="2424"><em data-renderer-mark="true">Datadog values people from all walks of life. We understand not everyone will meet all the above qualifications on day one. That's okay. If you’re passionate about technology and want to grow your skills, we encourage you to apply.</em></p> <p data-renderer-start-pos="2660"><strong data-renderer-mark="true">Benefits and Growth:</strong></p> <ul class="ak-ul" data-indent-level="1"> <li> <p data-renderer-start-pos="2684">Generous and competitive benefits package</p> </li> <li> <p data-renderer-start-pos="2729">New hire stock equity (RSUs) and employee stock purchase plan</p> </li> <li> <p data-renderer-start-pos="2794">Continuous career development and pathing opportunities</p> </li> <li> <p data-renderer-start-pos="2853">Employee-focused best in class onboarding</p> </li> <li> <p data-renderer-start-p