Senior Security Researcher - Application Security Management

Paris, France

Applications have closed

Datadog

See inside any stack, any app, at any scale, anywhere.

View company page

We are looking for a Senior Security Researcher to help build our Application Security Management (ASM) product capability. This role will work directly with our Security Research team, the Director of Security Research, and our Product organization to find novel ways to detect threats and vulnerabilities affecting customer production applications. You will use a combination of Datadog APM observability and security data to stop threat actors from attacking our ecosystem of customers. 

You’ll have an opportunity to influence product direction, find never-before-seen attacks and vulnerabilities, and integrate your findings with our product and our open source initiatives as we scale the ASM product.

At Datadog, we place value in our office culture - the relationships that it builds, the creativity it brings to the table, and the collaboration of being together. We operate as a hybrid workplace to ensure our employees can create a work-life harmony that best fits them.

 

What You’ll Do:

  • Write, deploy, and monitor rule health and performance across our testing, honeypot and customer production infrastructure 
  • Work closely with other Detection Engineers, Security Researchers, and Product Managers to identify and prioritize new rules, product features, and areas of improvement
  • Track, research, and experiment with the latest tactics, techniques and procedures for attacking and defending production applications and their corresponding technologies
  • Work closely with the security research team to create Proof-of-Concept (PoCs) methodologies, software and algorithms to combine our observability and security data and find new attacks
  • Research attack chains in production environments using the latest web, DevOps, and cloud applications, and creating tooling and recommendations to attack and defend these platforms
  • Work with cloud, production and software supply-chain data to identify new threats and vulnerabilities
  • Write, create and deliver content for our community such as blog posts, conference talks and webinars

Who You Are:

  • You have in-depth knowledge of the Web application attack ecosystem, and can comfortably talk about frameworks such as the OWASP Top 10
  • You can create proof of concept attacks in vulnerable environments to emulate detection scenarios using code, and aren’t afraid to learn new software languages
  • You have experience working on teams in the offensive security, application security, security operations, penetration testing or incident response space
  • You are comfortable with DevOps concepts, and can create, modify and emulate production environments using containers, virtual machines and other infrastructure tools
  • You are eager to work for a product organization and making an impact to Datadog customers by protecting them from threat actors
  • You are eager to collaborate with your teammates, colleagues and the security community

Datadog values people from all walks of life. We understand not everyone will meet all the above qualifications on day one. That's okay. If you’re passionate about technology and want to grow your skills, we encourage you to apply. 

 

Benefits and Growth:

  • New hire stock equity (RSUs) and employee stock purchase plan (ESPP)
  • Continuous professional development, product training, and career pathing
  • Intradepartmental mentor and buddy program for in-house networking
  • An inclusive company culture, ability to join our Community Guilds (Datadog employee resource groups)
  • Access to Inclusion Talks, our Internal panel discussions
  • Free, global mental health benefits for employees and dependents age 6+
  • Competitive global benefits

Benefits and Growth listed above may vary based on the country of your employment and the nature of your employment with Datadog.

#LI-LT1

About Datadog: 

Datadog (NASDAQ: DDOG) is a global SaaS business, delivering a rare combination of growth and profitability. We are on a mission to break down silos and solve complexity in the cloud age by enabling digital transformation, cloud migration, and infrastructure monitoring of our customers’ entire technology stacks. Built by engineers, for engineers, Datadog is used by organizations of all sizes across a wide range of industries. Together, we champion professional development, diversity of thought, innovation, and work excellence to empower continuous growth. Join the pack and become part of a collaborative, pragmatic, and thoughtful people-first community where we solve tough problems, take smart risks, and celebrate one another. Learn more about #DatadogLife on Instagram, LinkedIn and Datadog Learning Center.

Equal Opportunity at Datadog:

Datadog is an Affirmative Action and Equal Opportunity Employer and is proud to offer equal employment opportunity to everyone regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, veteran status, and more. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements.

Your Privacy:

Any information you submit to Datadog as part of your application will be processed in accordance with Datadog’s Applicant and Candidate Privacy Notice.

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Application security ASM Cloud DevOps Honeypots Incident response Monitoring Offensive security Open Source OWASP Pentesting POCs Privacy SaaS Vulnerabilities

Perks/benefits: Career development Health care

Region: Europe
Country: France
Job stats:  14  1  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.