What you'd actually do

Design and implement secure-by-default platform controls, improving the security of our APIs and services.

Build and evolve security systems and enforcement layers (e.g., gateways, middleware, policy engines) that operate at scale across distributed systems

Define and standardize security patterns that can be broadly adopted across services, reducing the need for custom implementations

Integrate security controls into developer workflows, infrastructure, and platform abstractions to drive high adoption

Identify recurring security risks and translate them into reusable, enforced platform primitives

Skills

Required

software engineering
building distributed systems
designing and implementing security controls or systems
built shared infrastructure, internal platforms, libraries, frameworks, or enforcement mechanisms
understanding of modern systems handling identity, communication, and trust boundaries
operating in ambiguous environments
working across new problem spaces
pragmatic security decisions
design and implement solutions that prevent them at scale

Nice to have

zero trust architectures
service-to-service security models
policy-based systems
large-scale access control models
working with untrusted or non-deterministic workloads
sandboxing
agent-based systems
using observability and telemetry to drive security insights and adoption

As a Senior Security Engineer on the AppSec Foundations team, you will be instrumental in making secure behavior the default across the Datadog platform. Your focus will be to build scalable, platform-level security controls to enforce production security invariants across our infrastructure and developer workflows.

You will operate at the intersection of distributed systems and security, focusing on enforcing security by construction. This approach eliminates reliance on manual reviews or reactive fixes, enabling engineering teams to move fast without needing specialized security expertise.

A key part of this role involves shaping the implementation of identity, access, and isolation across our systems, including support for next-generation, AI-driven, and agentic workloads. By defining how security is automatically built-in across Datadog’s platform, your work will improve consistency, reduce friction for engineering teams, and enable the company to scale securely as we expand into new technological domains.

What You’ll Do:

Design and implement secure-by-default platform controls, improving the security of our APIs and services.
Build and evolve security systems and enforcement layers (e.g., gateways, middleware, policy engines) that operate at scale across distributed systems
Define and standardize security patterns that can be broadly adopted across services, reducing the need for custom implementations
Integrate security controls into developer workflows, infrastructure, and platform abstractions to drive high adoption
Identify recurring security risks and translate them into reusable, enforced platform primitives
Partner with engineering teams to influence system design and build out security that is embedded early in the development lifecycle
Contribute to threat modeling and security reviews where needed, with a focus on turning findings into systemic improvements
Leverage application telemetry (logs, traces, metrics) to assess security posture and drive improvements

Who You Are:

You have a strong background in software engineering and experience building distributed systems (Go or Python preferred)
You have experience designing and implementing security controls or systems (e.g., authentication, authorization, API security, or infrastructure security)
You have built shared infrastructure, internal platforms, libraries, frameworks, or enforcement mechanisms used by other engineering teams.
You understand how modern systems handle identity, communication, and trust boundaries (e.g., mTLS, service identity, API gateways)
You are comfortable operating in ambiguous environments and working across new problem spaces
You make pragmatic security decisions that balance risk, usability, and scalability
You are driven to not only identify security issues but also design and implement solutions that prevent them at scale

Nice to Have:

Experience with zero trust architectures or service-to-service security models
Familiarity with policy-based systems or large-scale access control models
Experience working with untrusted or non-deterministic workloads (e.g., sandboxing, agent-based systems)
Experience using observability and telemetry to drive security insights and adoption

Datadog values people from all walks of life. We understand not everyone will meet all the above qualifications on day one. That's okay. If you’re passionate about technology and want to grow your skills, we encourage you to apply.

**Benefits and Growth: **

New hire stock equity (RSUs) and employee stock purchase plan (ESPP)
Continuous professional development, product training, and career pathing
Intradepartmental mentor and buddy program for in-house networking
An inclusive company culture, ability to join our Community Guilds (Datadog employee resource groups)
Access to Inclusion Talks, our internal panel discussions
Free, global mental health benefits for employees and dependents age 6+
Competitive global benefits

_Benefits and Growth listed above may vary based on the country of your employment and the nature of your employment with Datadog.

To conform to US export control regulations, candidates should be eligible for any required authorizations from the US government. This job is available in various departments within our company; to conform to US export control regulations, some of these roles may require candidates to be eligible for any required authorizations from the US government. _

#LI-Hybrid

Datadog offers a competitive salary and equity package, and may include variable compensation. Actual compensation is based on factors such as the candidate's skills, qualifications, and experience. In addition, Datadog offers a wide range of best in class, comprehensive and inclusive employee benefits for this role including healthcare, dental, parental planning, and mental health benefits, a 401(k) plan and match, paid time off, fitness reimbursements, and a discounted employee stock purchase plan.

The reasonably estimated yearly salary for this role at Datadog is:

$187,000—$240,000 USD

**About Datadog: **

Datadog is the leading observability and security platform for the AI era, providing businesses with unified visibility across the technology stack to manage complexity at scale. It brings applications, infrastructure, data, models, and security into one place, using AI to detect and resolve issues before they impact customers. Trusted globally by Fortune 500 companies and high-growth AI leaders, Datadog enables businesses to move faster with clarity and confidence. Learn more about #DatadogLife on Instagram, LinkedIn, and Datadog Learning Center.

Equal Opportunity at Datadog:

Datadog is proud to offer equal employment opportunity to everyone regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, veteran status, and other characteristics protected by law. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. Here are our Candidate Legal Notices for your reference.

Datadog endeavors to make our Careers Page accessible to all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please complete this form. This form is for accommodation requests only and cannot be used to inquire about the status of applications.

Privacy and AI Guidelines:

Any information you submit to Datadog as part of your application will be processed in accordance with Datadog’s Applicant and Candidate Privacy Notice. For information on our AI policy, please visit Interviewing at Datadog AI Guidelines.