Security Engineer - Offensive Security and Assessment
We're on a mission to build the best platform in the world for engineers to understand and scale their systems, applications, and teams. We operate at high scale—trillions of data points per day—providing always-on alerting, metrics visualization, logs, and application tracing for tens of thousands of companies. Our engineering culture values pragmatism, honesty, and simplicity to solve hard problems the right way.
The Offensive Security and Assessment team helps keep Datadog safe by using offensive skill sets to discover our infrastructure, identify vulnerabilities, test defenses and create tooling to enable visibility and threat hunting within the organization.
We're looking for individuals with a background in offensive security, network penetration testing, application security and experience testing cloud hosted assets. Experience with exploit development, social engineering and software development are a plus.
- Assess a network, environment or technology
- Write tooling to assist with offensive security assessment
- Conduct discovery activities to map environments
- Participate in offensive security exercises
- Perform penetration testing, code reviews, and design/architecture reviews
- Conduct vulnerability research and / or exploit development
- Work closely with development teams to mitigate or remediate security vulnerabilities
- Empower developers to do their job securely without creating additional friction
- Educate your fellow engineers about security in application code and infrastructure
- Assist in incident response activities
- Passion and demonstrated experience for challenging security assumptions
- Experience with attacking cloud based environments, software development technologies, and web applications
- High level of competency in cloud automation technologies, such as Terraform
- Familiarity and experience with AWS, GCP and other cloud providers
- High level of situational and operational awareness
- Strong understanding of the security fundamentals of access and identity
- Demonstrated competency in multiple security disciplines
- Can provide examples of the ability to solve difficult problems
- Demonstrated experience working with a distributed team
- Desire to work in a fast-paced, high-growth startup environment that respects its engineers and customers