As a Staff Application Security Engineer at Datadog, you'll set technical direction for how we approach application security at scale. You'll define the frameworks, methodologies, and architectural patterns that engineering teams across Datadog adopt and apply independently. You're the person others come to when they don't know how to make something secure, and you reliably have an answer.
You'll be a point of contact for our most complex security programs, often spanning multiple teams and multiple quarters. The role requires both depth (going very deep on specific problems when needed) and breadth (recognizing patterns across systems and drawing connections that others miss). Partnering closely with teams inside and outside the security org is key to success. You'll help shape the AppSec roadmap and make the case for where investment should go.
We use our own platform. Logs, Dashboards, Service Catalog, and APM aren't just things we sell: they're tools the AppSec team uses to build security services, measure adoption of secure defaults, and communicate risk across the organization.
AI is also part of the picture. Engineering at Datadog increasingly uses agentic tooling throughout the development lifecycle, and many of the products we ship to customers now include AI-powered features. Both create new attack surfaces, and defining our strategy for addressing them is part of this role.
If using Datadog to observe Datadog's own security posture, building impactful tooling, and shaping how we secure AI-powered systems sounds like the right kind of problem, this role is worth a close look.
What You’ll Do:
- Define and drive security standards and secure-by-default solutions, serving as the Application Security subject matter expert.
- Build security tooling and automation that scales security practices across engineering teams, and implement robust security observability to support our threat detection team with meaningful, actionable security signals.
- Lead threat modeling and risk assessment for high-risk features and platform changes.
- Assess and address security risks introduced by agentic development practices and AI-powered product features in production
- Partner with engineering teams to prioritize and remediate critical threats, define API security standards, and conduct security code reviews.
- Identify systemic security risks; lead complex, multi-team remediation efforts end-to-end
- Partner with Cloud & Infrastructure Security and other teams across the org on cross-domain problems; be the AppSec point of contact on complex cross-domain problems
- Serve as the AppSec subject matter expert across Datadog; be the person engineering leadership calls when they need clarity on a hard security problem
- Deeply invest in the growth of AppSec engineers on the team
**Who You Are: **
- Software engineering background with hands-on code review experience; Go (preferred), Python, or Rust
- Demonstrated ability to level up the engineers around you: through design reviews, mentorship, and the quality of your documentation
- Solid grounding in OWASP Top 10, web vulnerabilities (XSS, injection, access control, cryptography), SAST, and DAST
- Working knowledge of API security: authentication flows, authorization patterns, and input validation at API boundaries
- Track record of leading threat modeling on complex, multi-team systems and translating outcomes into architectural decisions
- Experience implementing secure-by-default frameworks and integrating security into core platforms alongside product managers and engineering teams
- Able to translate business risk into security investment priorities and communicate tradeoffs clearly to executive audiences
- Familiarity with software supply chain security: dependency management, artifact integrity, and build pipeline trust
- Bias toward implementing solutions and driving adoption, not just surfacing findings
- Proven track record of winning buy-in from technical and non-technical stakeholders; able to communicate complex tradeoffs clearly to engineers, product managers, and leadership
- Current on security best practices, emerging threats, and the tooling landscape
Datadog values people from all walks of life. We understand not everyone will meet all the above qualifications on day one. That's okay. If you’re passionate about technology and want to grow your skills, we encourage you to apply.
**Benefits and Growth: **
- New hire stock equity (RSUs) and employee stock purchase plan (ESPP)
- Continuous professional development, product training, and career pathing
- Intradepartmental mentor and buddy program for in-house networking
- An inclusive company culture, ability to join our Community Guilds (Datadog employee resource groups)
- Access to Inclusion Talks, our internal panel discussions
- Free, global mental health benefits for employees and dependents age 6+
- Competitive global benefits
Benefits and Growth listed above may vary based on the country of your employment and the nature of your employment with Datadog.
#LI-Hybrid
Datadog offers a competitive salary and equity package, and may include variable compensation. Actual compensation is based on factors such as the candidate's skills, qualifications, and experience. In addition, Datadog offers a wide range of best in class, comprehensive and inclusive employee benefits for this role including healthcare, dental, parental planning, and mental health benefits, a 401(k) plan and match, paid time off, fitness reimbursements, and a discounted employee stock purchase plan.
The reasonably estimated yearly salary for this role at Datadog is:
$234,000—$300,000 USD
**About Datadog: **
Datadog is the leading observability and security platform for the AI era, providing businesses with unified visibility across the technology stack to manage complexity at scale. It brings applications, infrastructure, data, models, and security into one place, using AI to detect and resolve issues before they impact customers. Trusted globally by Fortune 500 companies and high-growth AI leaders, Datadog enables businesses to move faster with clarity and confidence. Learn more about #DatadogLife on Instagram, LinkedIn, and Datadog Learning Center.
Equal Opportunity at Datadog:
Datadog is proud to offer equal employment opportunity to everyone regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, veteran status, and other characteristics protected by law. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. Here are our Candidate Legal Notices for your reference.
Datadog endeavors to make our Careers Page accessible to all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please complete this form. This form is for accommodation requests only and cannot be used to inquire about the status of applications.
Privacy and AI Guidelines:
Any information you submit to Datadog as part of your application will be processed in accordance with Datadog’s Applicant and Candidate Privacy Notice. For information on our AI policy, please visit Interviewing at Datadog AI Guidelines.