Senior Software Engineer

Summary

Join Datadog's SDLC Security team as a Software Engineer and play a crucial role in securing our supply chain. You will ensure the integrity and trustworthiness of our internal and client-facing software. This is an impactful opportunity, given the growing need for robust supply chain security. You'll be involved in all stages of securing our supply chain, from risk modeling to designing and implementing security solutions. Datadog offers a hybrid workplace, valuing both office culture and work-life harmony. We are looking for someone with a proven track record in securing software supply chains and SDLC systems.

Requirements

• Proven track record of designing and coding systems that help secure the software supply chain and SDLC systems, and are leveraged by multiple teams
• Knowledge of key management solutions and cryptographic methodologies
• Fluency in one or more modern coding languages (Python, Go, etc.)
• Ability to work closely with engineering and DevOps teams to integrate security seamlessly into the development process
• Familiarity with securing cloud environments (e.g., AWS, GCP, Azure) and Kubernetes based development
• Desire to work in an environment with exciting challenges and opportunities to make an impact

Responsibilities

• Fully understand Datadog’s software supply chain, build-pipeline security, delivery mechanisms, and key and configuration management
• Build provable integrity mechanisms throughout the entire supply chain, working from source management systems out through to node level configuration in Datadog’s compute
• Design and implement custom heuristics for dependency health and safety, as well as the policies that govern their usage
• Help implement SAST scanners and finetune rules for pre-commit and PR level scanning, with an emphasis on high fidelity low friction rules with actionable signals
• Continue to reduce the attack surface of all of Datadog’s client-facing software with a particular forums on the build and supply chain attacks
• Represent Datadog in the open source software supply chain security community

Preferred Qualifications

• Passionate about building products that engineers love and believe in the true outcome of DevSecOps
• Knowledgeable of security frameworks such as slsa.dev, TUF, in-toto etc
• Knowledgeable about continuous scanning and SAST products, rule creation and methodology
• Known as a subject matter expert in the binary protection and/or integrity fields

Benefits

• New hire stock equity (RSUs) and employee stock purchase plan (ESPP)
• Continuous professional development, product training, and career pathing
• Intradepartmental mentor and buddy program for in-house networking
• An inclusive company culture, ability to join our Community Guilds (Datadog employee resource groups)
• Access to Inclusion Talks, our internal panel discussions
• Free, global mental health benefits for employees and dependents age 6+
• Competitive global benefits