Security Analyst - Governance, Risk & Compliance

Datadog   •  

New York, NY

Industry: Enterprise Technology

  •  

Less than 5 years

Posted 55 days ago

About Datadog:

We're on a mission to build the best platform in the world for engineers to understand and scale their systems, applications, and teams. We operate at high scale—trillions of data points per day—providing always-on alerting, metrics visualization, logs, and application tracing for tens of thousands of companies. Our engineering culture values pragmatism, honesty, and simplicity to solve hard problems the right way.

The team:

Datadog is building a world class security team to keep our employees and end users safe from real world threats. You will help us face the challenges presented by our diverse user base and a constantly changing regulatory landscape. Your team will architect policy for Datadog to meet the increasingly complex requirements of our customers and regulators in the jurisdictions where they operate. Security Analysts also have the opportunity to work hand in hand with our Corporate Information Technology team to help keep Datadog employees safe for the dangers that lurk on the Internet. We are looking for a candidate that can bring the best of current industry knowledge and work at Datadog to advance that knowledge.

The Opportunity:

  • Participate and lead security efforts in pursuit of industry certification (ISO 27001, 27018, HITRUST, PCI)
  • Conduct Risk Assessments against industry standard security frameworks
  • Document Datadog practice to provide transparency to customers, prospects and other stakeholders
  • Communicate directly with Datadog customers, prospects and other stakeholders
  • Drive compliance efforts to enable Datadog to enter increasingly regulated markets
  • Track progress toward increasing compliance objectives
  • Design defensive policies that allow the Datadog security and general engineering teams to move quickly and adapt to an evolving threat landscape

Requirements:

  • You have a BS or equivalent experience
  • You have a minimum of 3 years of relevant industry experience
  • You have a proven track record working in security policy, compliance, information security operations or security consulting
  • You value correctness and efficiency; you leave no stone unturned when reviewing documentation
  • Exceptional attention to detail
  • Exposure to multiple compliance and regulatory regimes (e.g. FedRAMP, GDPR, HIPAA, ISO 27001, PCI DSS)
  • You want to work in a fast, high growth startup environment

Bonus points:

  • Relevant Industry Certification (CISSP, CISA, GCIH)
  • Compliance Certification a big plus (ISO 27001 Lead Auditor/Implementer, QSA)
  • Experience with ZenGRC
  • Your writing is beyond reproach
  • Verbal communication is your cup of tea