Security Analyst - GRC
New York, Boston, Remote-US
We're on a mission to build the best platform in the world for engineers to understand and scale their systems, applications, and teams. We operate at high scale—trillions of data points per day—providing always-on alerting, metrics visualization, logs, and application tracing for tens of thousands of companies. Our engineering culture values pragmatism, honesty, and simplicity to solve hard problems the right way.
Datadog is looking for a Senior Security Analyst to join our GRC team. The team is responsible for collaborating with control owners (e.g. engineering and other business units) to consult and provide guidance for the design and implementation of key security controls and technologies. As a security and regulatory framework subject matter expert, this role’s primary goal is to ensure that control requirements are informed by Datadog’s current control implementations and translated in a way that leads to clear action planning, maintenance and remediation by control owners. This role has the opportunity to provide guidance in most of the industry-standard security frameworks (e.g. SOC 2, ISO, PCI-DSS, HIPAA).
If you thrive in a small-team environment, where strong collaboration, partnership, continuous improvement and the opportunity to wear a variety of hats is a must-Datadog is very interested in talking to you!
- Play a primary role in designing and maintaining a compliance program that consists of a variety of regulatory frameworks
- Participate and lead security efforts to acquire and maintain industry certification.
- Provide solutions consulting using modern technology to allow Datadog’s security and engineering teams to move quickly and adapt to an evolving threat landscape.
- Coordinate the implementation of technical architecture and engineering requirements
- Document Datadog practice to provide transparency to customers, prospects and other stakeholders.
- Create and maintain automated solutions to uphold Datadog’s continuous compliance with a broad set of industry and federal regulations.
- Drive compliance efforts to enable Datadog to enter increasingly regulated markets.
- You have a BS or equivalent experience.
- You have a minimum of 5 years of relevant industry experience.
- Your writing is beyond reproach.
- You have demonstrable experience collaborating with engineering teams to help them understand control requirements and methodical implementation approaches that are informed by current practices.
- You have successfully managed and completed a third-party, security audit engagement, in a cloud native environment, that resulted in securing authorization, certification of compliance status.
- Exposure to multiple compliance and regulatory regimes (e.g. FedRAMP (NIST 800-53), HIPAA, ISO 27001, PCI DSS).
- You want to work in a fast paced, high growth environment that values pragmatism and initiative.
- You have a hunger to become a subject matter expert in a variety of security frameworks!
- Relevant Industry Certification (CISSP, CISA, GCIH).
- Compliance Certification (ISO 27001 Lead Auditor/Implementer, QSA).
- Experience with Python or Go scripting.
- Verbal communication is your cup of tea.
Equal Opportunity at Datadog:
Datadog is an Affirmative Action and Equal Opportunity Employer and is proud to offer equal employment opportunity to everyone regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, veteran status, and more. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements.
Any information you submit to Datadog as part of your application will be processed in accordance with Datadog’s Applicant and Candidate Privacy Notice.
Explore more Information Security career opportunities
- Open Cyber Security Engineer Jobs
- Open Network Security Engineer Jobs
- Open Threat Intelligence Response Analyst Jobs
- Open Senior Penetration Tester Jobs
- Open Staff Security Engineer Jobs
- Open Threat Intelligence Analyst Jobs
- Open Vulnerability Analyst Jobs
- Open Senior Infrastructure Security Engineer Jobs
- Open Information Security Officer Jobs
- Open DevOps Security Engineer Jobs
- Open Cybersecurity Analyst Jobs
- Open Chief Information Security Officer Jobs
- Open Software Security Engineer Jobs
- Open Infrastructure Security Engineer Jobs
- Open Computer Forensic Software Engineer Jobs
- Open Lead Security Engineer Jobs
- Open Staff Engineer, Cloud Security Jobs
- Open Personnel Security Officer Jobs
- Open IT Security Engineer Jobs
- Open Senior Information Security Engineer Jobs
- Open Senior Information Security Analyst Jobs
- Open IAM Engineer Jobs
- Open Sr. Software Engineer - Detection Engineering Jobs
- Open Manager, Cybersecurity and Trust Jobs
- Open Principal Security Engineer Jobs
- Open Audits-related jobs
- Open CEH-related jobs
- Open Clearance-related jobs
- Open Open Source-related jobs
- Open PCI-related jobs
- Open Risk management-related jobs
- Open NIST-related jobs
- Open Forensics-related jobs
- Open IDS-related jobs
- Open Google-related jobs
- Open OSCP-related jobs
- Open Machine Learning-related jobs
- Open Ruby-related jobs
- Open Splunk-related jobs
- Open AI-related jobs
- Open IPS-related jobs
- Open Security assessments-related jobs
- Open Threat detection-related jobs
- Open Encryption-related jobs
- Open Docker-related jobs
- Open Unix-related jobs
- Open DNS-related jobs
- Open TCP/IP-related jobs
- Open HIPAA-related jobs