Security Analyst - ITGC
Remote New York, NY, USA; Remote Boston, Massachusetts, USA
We're on a mission to build the best platform in the world for engineers to understand and scale their systems, applications, and teams. We operate at high scale—trillions of data points per day—providing always-on alerting, metrics visualization, logs, and application tracing for tens of thousands of companies. Our engineering culture values pragmatism, honesty, and simplicity to solve hard problems the right way.
The Governance, Risk and Compliance (GRC) team works within the Information Security organization and across Datadog to implement, monitor, and continuously improve Datadog’s security, risk, and compliance programs.
As a Security Analyst on the GRC team, you will manage the implementation, operation, and continuous improvement of Datadog’s IT General Controls. This role will support the company’s ITGC SOX-404 compliance program, working across our global organization to identify technology risks and managing regulatory impact on the organization.
You will also conduct technical risk assessments on internal business processes, M&A activities, and produce formal documentation to provide transparency to customers, colleagues, and auditors. You will partner with Datadog’s Internal and External auditors to expertly navigate regulatory audits, and ensure the reliability of testing. You’ll coordinate with engineering and business owners to ensure controls are properly designed and continuously compliant. You will also consult on new business initiatives, system implementations, policy changes, and assess the impact of changes on internal controls.
- Analyze the configuration and operation of systems that support Datadog’s financial controls.
- Collaborate across the business on ITGC SOX compliance and IT internal audits.
- Identify and manage risk associated with privileged access to Datadog’s technical financial systems.
- Lead security assessments of third parties that provide services to Datadog.
- Design and implement processes and technology in support of Datadog’s security and compliance programs.
- Conduct risk assessments against industry standard security frameworks.
- Create documentation to provide transparency to customers, prospects and other stakeholders.
- Drive new compliance efforts to enable Datadog to enter increasingly regulated markets.
- You have a BS or at least 4 years of relevant industry experience.
- You have familiarity with AWS, GCP, or Azure.
- You have exposure to compliance and regulatory regimes (e.g. SOX, HIPAA, FedRAMP, ISO 27001, PCI DSS).
- You have a proven track record working in security audit, compliance, information security operations, or security consulting.
- You value correctness and efficiency, and have exceptional eye for detail.
- You want to work in a fast, high growth environment.
- Relevant Industry Certification (CISSP, CISA, CFE, CPA).
- Compliance Certification a big plus (ISO 27001 Lead Auditor/Implementer, QSA).
- Your writing is beyond reproach.
- Verbal communication is your cup of tea.
- You like to automate the boring stuff.
- You have “Big 4” or large regional firm audit experience.
- You’ve been through an IPO before, and participated in the SOX program.
- You have experience with compliance reporting software.
#LI-Remote This is a remote position
Equal Opportunity at Datadog:
Datadog is an Affirmative Action and Equal Opportunity Employer and is proud to offer equal employment opportunity to everyone regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, veteran status, and more. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements.
Any information you submit to Datadog as part of your application will be processed in accordance with Datadog’s Applicant and Candidate Privacy Notice.
Explore more Information Security career opportunities
- Open IT Security Engineer jobs
- Open Senior Information Security Engineer jobs
- Open Cyber Security Engineer jobs
- Open Senior Incident Response Analyst jobs
- Open Staff Security Engineer jobs
- Open Vulnerability Analyst jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Information Security Analyst jobs
- Open Azure Security Engineer jobs
- Open Personnel Security Officer jobs
- Open Security Operations Engineer jobs
- Open Senior Infrastructure Security Engineer jobs
- Open Infrastructure Security Engineer jobs
- Open Cyber Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Senior Penetration Tester jobs
- Open Information Security Architect jobs
- Open Information Security Officer jobs
- Open Threat Intelligence Response Analyst jobs
- Open SOC Analyst jobs
- Open Sr. Product Security Engineer jobs
- Open Privacy Manager jobs
- Open Cybersecurity Engineer jobs
- Open Security Officer 3 jobs
- Open Cloud Security Operations Lead jobs
- Open DevOps-related jobs
- Open PCI-related jobs
- Open Threat intelligence-related jobs
- Open OWASP-related jobs
- Open Clearance-related jobs
- Open Machine Learning-related jobs
- Open IDS-related jobs
- Open Encryption-related jobs
- Open Open Source-related jobs
- Open CEH-related jobs
- Open Splunk-related jobs
- Open Forensics-related jobs
- Open Intrusion detection-related jobs
- Open Ruby-related jobs
- Open Security assessments-related jobs
- Open OSCP-related jobs
- Open Threat detection-related jobs
- Open Docker-related jobs
- Open GDPR-related jobs
- Open DevSecOps-related jobs
- Open HIPAA-related jobs
- Open IPS-related jobs
- Open Unix-related jobs
- Open TCP/IP-related jobs