Security Analyst - ITGC
Remote New York, NY, USA; Remote Boston, Massachusetts, USA
Applications have closed
About Datadog:
We're on a mission to build the best platform in the world for engineers to understand and scale their systems, applications, and teams. We operate at high scale—trillions of data points per day—providing always-on alerting, metrics visualization, logs, and application tracing for tens of thousands of companies. Our engineering culture values pragmatism, honesty, and simplicity to solve hard problems the right way.
The Team:
The Governance, Risk and Compliance (GRC) team works within the Information Security organization and across Datadog to implement, monitor, and continuously improve Datadog’s security, risk, and compliance programs.
The Job:
As a Security Analyst on the GRC team, you will manage the implementation, operation, and continuous improvement of Datadog’s IT General Controls. This role will support the company’s ITGC SOX-404 compliance program, working across our global organization to identify technology risks and managing regulatory impact on the organization.
You will also conduct technical risk assessments on internal business processes, M&A activities, and produce formal documentation to provide transparency to customers, colleagues, and auditors. You will partner with Datadog’s Internal and External auditors to expertly navigate regulatory audits, and ensure the reliability of testing. You’ll coordinate with engineering and business owners to ensure controls are properly designed and continuously compliant. You will also consult on new business initiatives, system implementations, policy changes, and assess the impact of changes on internal controls.
You Will:
- Analyze the configuration and operation of systems that support Datadog’s financial controls.
- Collaborate across the business on ITGC SOX compliance and IT internal audits.
- Identify and manage risk associated with privileged access to Datadog’s technical financial systems.
- Lead security assessments of third parties that provide services to Datadog.
- Design and implement processes and technology in support of Datadog’s security and compliance programs.
- Conduct risk assessments against industry standard security frameworks.
- Create documentation to provide transparency to customers, prospects and other stakeholders.
- Drive new compliance efforts to enable Datadog to enter increasingly regulated markets.
Requirements:
- You have a BS or at least 4 years of relevant industry experience.
- You have familiarity with AWS, GCP, or Azure.
- You have exposure to compliance and regulatory regimes (e.g. SOX, HIPAA, FedRAMP, ISO 27001, PCI DSS).
- You have a proven track record working in security audit, compliance, information security operations, or security consulting.
- You value correctness and efficiency, and have exceptional eye for detail.
- You want to work in a fast, high growth environment.
Bonus points:
- Relevant Industry Certification (CISSP, CISA, CFE, CPA).
- Compliance Certification a big plus (ISO 27001 Lead Auditor/Implementer, QSA).
- Your writing is beyond reproach.
- Verbal communication is your cup of tea.
- You like to automate the boring stuff.
- You have “Big 4” or large regional firm audit experience.
- You’ve been through an IPO before, and participated in the SOX program.
- You have experience with compliance reporting software.
#LI-DO1
#LI-Remote This is a remote position
Equal Opportunity at Datadog:
Datadog is an Affirmative Action and Equal Opportunity Employer and is proud to offer equal employment opportunity to everyone regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, veteran status, and more. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements.
Your Privacy:
Any information you submit to Datadog as part of your application will be processed in accordance with Datadog’s Applicant and Candidate Privacy Notice.
Tags: Audits AWS Azure CISA CISSP Compliance FedRAMP GCP Governance HIPAA ISO 27001 PCI DSS Privacy Security assessment
Perks/benefits: Startup environment
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open ISO 27001-related jobs
- Open Network security-related jobs
- Open Windows-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open Malware-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs
- Open CEH-related jobs
- Open Forensics-related jobs