Security Analyst - GRC
New York, Boston, Remote-US
Applications have closed
About Datadog:
We're on a mission to build the best platform in the world for engineers to understand and scale their systems, applications, and teams. We operate at high scale—trillions of data points per day—providing always-on alerting, metrics visualization, logs, and application tracing for tens of thousands of companies. Our engineering culture values pragmatism, honesty, and simplicity to solve hard problems the right way.
The team:
Datadog is looking for a Senior Security Analyst to join our GRC team. The team is responsible for collaborating with control owners (e.g. engineering and other business units) to consult and provide guidance for the design and implementation of key security controls and technologies. As a security and regulatory framework subject matter expert, this role’s primary goal is to ensure that control requirements are informed by Datadog’s current control implementations and translated in a way that leads to clear action planning, maintenance and remediation by control owners. This role has the opportunity to provide guidance in most of the industry-standard security frameworks (e.g. SOC 2, ISO, PCI-DSS, HIPAA).
If you thrive in a small-team environment, where strong collaboration, partnership, continuous improvement and the opportunity to wear a variety of hats is a must-Datadog is very interested in talking to you!
The opportunity:
- Play a primary role in designing and maintaining a compliance program that consists of a variety of regulatory frameworks
- Participate and lead security efforts to acquire and maintain industry certification.
- Provide solutions consulting using modern technology to allow Datadog’s security and engineering teams to move quickly and adapt to an evolving threat landscape.
- Coordinate the implementation of technical architecture and engineering requirements
- Document Datadog practice to provide transparency to customers, prospects and other stakeholders.
- Create and maintain automated solutions to uphold Datadog’s continuous compliance with a broad set of industry and federal regulations.
- Drive compliance efforts to enable Datadog to enter increasingly regulated markets.
Requirements:
- You have a BS or equivalent experience.
- You have a minimum of 5 years of relevant industry experience.
- Your writing is beyond reproach.
- You have demonstrable experience collaborating with engineering teams to help them understand control requirements and methodical implementation approaches that are informed by current practices.
- You have successfully managed and completed a third-party, security audit engagement, in a cloud native environment, that resulted in securing authorization, certification of compliance status.
- Exposure to multiple compliance and regulatory regimes (e.g. FedRAMP (NIST 800-53), HIPAA, ISO 27001, PCI DSS).
- You want to work in a fast paced, high growth environment that values pragmatism and initiative.
- You have a hunger to become a subject matter expert in a variety of security frameworks!
Bonus points:
- Relevant Industry Certification (CISSP, CISA, GCIH).
- Compliance Certification (ISO 27001 Lead Auditor/Implementer, QSA).
- Experience with Python or Go scripting.
- Verbal communication is your cup of tea.
Equal Opportunity at Datadog:
Datadog is an Affirmative Action and Equal Opportunity Employer and is proud to offer equal employment opportunity to everyone regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, veteran status, and more. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements.
Your Privacy:
Any information you submit to Datadog as part of your application will be processed in accordance with Datadog’s Applicant and Candidate Privacy Notice.
Tags: CISA CISSP Cloud Compliance FedRAMP GCIH HIPAA ISO 27001 NIST PCI DSS Privacy Python Scripting SOC 2
Perks/benefits: Transparency
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Security Operations Engineer jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Analyst jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open CISM-related jobs
- Open ISO 27001-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open Windows-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open DevOps-related jobs
- Open Security assessment-related jobs
- Open Kubernetes-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open DevSecOps-related jobs
- Open CEH-related jobs