Information Security Analyst
Denver, Colorado, USA
Applications have closed
We're on a mission to build the best platform in the world for engineers to understand and scale their systems, applications, and teams. We operate at high scale—trillions of data points per day—allowing for seamless collaboration and problem-solving among Dev, Ops and Security teams globally for tens of thousands of companies. Our engineering culture values pragmatism, honesty, and simplicity to solve hard problems the right way.
The Governance, Risk and Compliance (GRC) team works within the Information Security organization and across Datadog to implement, monitor, and continuously improve Datadog’s security, risk, and compliance programs.
As an Information Security Analyst, you will support our SOX program. You will work with Datadog’s Internal Audit team to define the SOX scope and create ITGCs to support meeting Datadog’s SOX obligations. You will work with Engineering and Finance teams to implement an appropriate control framework, provide support where applicable, and remediate identified issues. You will also own and manage User Access Reviews which are conducted quarterly across a variety of mostly SaaS based systems.
What you will do:
-
Serve as a key liaison and manage expectations between internal teams (including Engineering) and internal/external auditors.
-
Lead the successful completion of the quarterly UAR (User Access Review) audit process.
-
Create and/or remediate ITGC (IT General Controls) in support of meeting audit objectives for all ITGC SOX areas.
-
Design IT testing procedures to identify and evaluate risk exposures and determine the effectiveness and efficiency of controls, particularly for new system or process control readiness.
-
Assist with the creation of effective remediation solutions and/or exception documentation where applicable.
-
Serve as the SOX Compliance subject matter expert and point of contact to Internal and External Auditors.
-
Assist technical teams with creation and implementation of IT controls objectives.
Who you are:
-
Minimum of 5-10 years’ work experience in IT Risk Management, SOX compliance and auditing with a strong background in IT controls.
-
A background in auditing SaaS based tech (AWS, GCP, Azure, and other SaaS based vendors like Salesforce, Workday, ServiceNow, etc.).
-
Expert understanding of Sarbanes-Oxley (SOX) and other compliance requirements that may impact compliance.
-
Experience developing, and implementing security and control solutions that address SOX requirements.
-
Ability to effectively mentor other team members as needed.
Datadog values people from all walks of life. We understand not everyone will meet all the above qualifications on day one. That's okay. If you’re passionate about technology and want to grow your skills, we encourage you to apply.
Benefits and Growth:
-
New hire stock equity (RSUs) and employee stock purchase plan (ESPP)
-
Continuous professional development, product training, and career pathing
-
Intradepartmental mentor and buddy program for in-house networking
-
An inclusive company culture, ability to join our Community Guilds (Datadog employee resource groups)
-
Access to Inclusion Talks, our internal panel discussions
-
Free, global mental health benefits for employees and dependents age 6+
-
Competitive global benefits
#LI-KB4
Equal Opportunity at Datadog:
Datadog is an Affirmative Action and Equal Opportunity Employer and is proud to offer equal employment opportunity to everyone regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, veteran status, and more. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements.
Your Privacy:
Any information you submit to Datadog as part of your application will be processed in accordance with Datadog’s Applicant and Candidate Privacy Notice.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits AWS Azure Compliance Finance GCP Governance Privacy Risk management SaaS
Perks/benefits: Career development Health care Startup environment
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Security Operations Engineer jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Analyst jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open Windows-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open DevOps-related jobs
- Open Security assessment-related jobs
- Open Kubernetes-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open DevSecOps-related jobs
- Open CEH-related jobs