Security Research Analyst - Product
New York, Boston, Remote-US
We're on a mission to build the best platform in the world for engineers to understand and scale their systems, applications, and teams. We operate at high scale—trillions of data points per day—providing always-on alerting, metrics visualization, logs, and application tracing for tens of thousands of companies. Our engineering culture values pragmatism, honesty, and simplicity to solve hard problems the right way.
The Security Detection team at Datadog develops detection capabilities that power Datadog’s Security Monitoring product. We’re taking a new approach to the stale security information and event management (SIEM) market by leveraging detailed observability data in a cloud-native way. In partnership with the rest of the product organization, you will research attacker techniques to help engineers keep their applications and infrastructure secure.
As a Security Detection Analyst attached to the Product team, you will deliver out-of-the-box (OOTB) or custom detection capabilities to our Security product(s) in order to notify customers when they are under attack. Your research will be used by our customers to reduce their mean time to detect threats and to improve their own threat hunting capabilities. Together with your team, you will research attacker techniques against cloud-native technologies and evangelize your findings with the community.
- Learn everything about detecting threats in cloud-native environments, and pour it back into building a great product
- Talk to highly technical customers about their security, listen to their needs, and work with the team to solve their problems
- Balance many factors (market, customers, team) to decide which threat detection capabilities to prioritize
- Grow to understand our users (software developers, ops engineers) deeply; deliver threat detection capabilities they find useful out of the box
- Work closely with Product Management to shape the Security Monitoring product
- Write, create and deliver content for our community such as blog posts, documentation, webinars and workshops
- You have a proven track record of identifying attacker techniques, ideally in the cloud (AWS, GCP, Azure, Kubernetes, etc.)
- You have first-hand experience working in security operations, offensive security, or DFIR
- You have experience in application security and detecting attackers within application logs
- You enjoy talking to highly technical customers
- You get things done and are motivated by the impact your actions have around you
- You have a Bachelor's Degree in Computer Science, Engineering, or equivalent experience