AppSec Jobs
← Back to all jobs

Datadog

Staff Application Security Engineer

New York, NYWebsite

Full details on LinkedIn

The complete job description, requirements, and application details are available on the original posting.

About Datadog

Datadog, Inc. is a technology company based in New York City, founded in 2010 by Olivier Pomel and Alexis Lê-Quôc. It specializes in providing a comprehensive observability and monitoring platform for cloud-scale applications and IT infrastructure through a Software as a Service (SaaS) model. With over 5,200 employees and offices in major cities worldwide, Datadog has established itself as a leader in the industry. The company offers a cloud-based data analytics platform that includes infrastructure monitoring, application performance monitoring, log management, security monitoring, network performance monitoring, and user experience monitoring. Datadog's platform aggregates metrics, logs, and traces into a single dashboard, enabling real-time visibility and collaboration for software development teams, IT operations, and security teams. Its solutions are widely adopted across various industries, including technology, finance, retail, and media, supporting organizations that rely on cloud infrastructure and DevOps practices.

Industry

information technology & services

Employees

6,500

3743 engineers

Revenue

$2.7B

Website

Visit →

Security at Datadog

Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.

3 Intel Signals

Security Philosophy

  • Datadog frames application security as lifecycle coverage from development to production, prioritizing contextualized risk and developer workflows (IDE, PRs, CI/CD).
  • They adopt a decentralized security model driven by a Security Champions program.
  • Their philosophy includes integrating security into every step of the SDLC, catching issues early in the IDE, and automating secure code delivery in CI/CD workflows.
  • They use their own platform extensively to understand a service's overall security posture, conduct security design reviews, and customize vulnerability severity scores based on context.

Security Team

Datadog's security organization includes specialized domains such as application security, platform security, cloud security, detection and response, and customer trust. They define role-level responsibilities for embedding controls and governance, with Engineering Managers (EMs) embedding AI security and privacy controls into CI/CD pipelines. The Security Champions program consists of engineers from both product and platform engineering teams. Information regarding the explicit reporting line for the AppSec team, specific team head names, direct AppSec leader LinkedIn profiles, active AppSec job posting counts, and granular team size is not publicly available from the searched sources.

Key Initiatives

  • Datadog employs a Security Champions program, which is explicitly stated and driven by engineers from product and platform teams. Their 'shift-left' practices include integrating security into every step of the SDLC, catching issues early in the IDE, and automating secure code delivery in CI/CD workflows.
  • They implement CI/CD quality gates to automatically block merges to default branches.
  • For vulnerability management, they focus on continuous production visibility, automatically associating vulnerable services with their code owners and responsible teams, and detecting the exact location of vulnerabilities and their owners.
  • They also conduct security design reviews.

Preparing for an AppSec interview?

Get the weekly briefing 2,000+ security pros trust.