Information Security Analyst

We're on a mission to build the best platform in the world for engineers to understand and scale their systems, applications, and teams. We operate at high scale—trillions of data points per day—allowing for seamless collaboration and problem-solving among Dev, Ops and Security teams globally for tens of thousands of companies. Our engineering culture values pragmatism, honesty, and simplicity to solve hard problems the right way. 

The Governance, Risk and Compliance (GRC) team works within the Information Security organization and across Datadog to implement, monitor, and continuously improve Datadog’s security, risk, and compliance programs.

As an Information Security Analyst, you will support our SOX program. You will work with Datadog’s Internal Audit team to define the SOX scope and create ITGCs to support meeting Datadog’s SOX obligations. You will work with Engineering and Finance teams to implement an appropriate control framework, provide support where applicable, and remediate identified issues. You will also own and manage User Access Reviews which are conducted quarterly across a variety of mostly SaaS based systems.

What you will do:

• Serve as a key liaison and manage expectations between internal teams (including Engineering) and internal/external auditors. 

• Lead the successful completion of the quarterly UAR (User Access Review) audit process.

• Create and/or remediate ITGC (IT General Controls) in support of meeting audit objectives for all ITGC SOX areas.

• Design IT testing procedures to identify and evaluate risk exposures and determine the effectiveness and efficiency of controls, particularly for new system or process control readiness.

• Assist with the creation of effective remediation solutions and/or exception documentation where applicable.

• Serve as the SOX Compliance subject matter expert and point of contact to Internal and External Auditors.

• Assist technical teams with creation and implementation of IT controls objectives.

Who you are:

• Minimum of 5-10 years’ work experience in IT Risk Management, SOX compliance and auditing with a strong background in IT controls.

• A background in auditing SaaS based tech (AWS, GCP, Azure, and other SaaS based vendors like Salesforce, Workday, ServiceNow, etc.).

• Expert understanding of Sarbanes-Oxley (SOX) and other compliance requirements that may impact compliance.

• Experience developing, and implementing security and control solutions that address SOX requirements.

• Ability to effectively mentor other team members as needed.

Datadog values people from all walks of life. We understand not everyone will meet all the above qualifications on day one. That's okay. If you’re passionate about technology and want to grow your skills, we encourage you to apply.

Benefits and Growth:

• New hire stock equity (RSUs) and employee stock purchase plan (ESPP)

• Continuous professional development, product training, and career pathing

• Intradepartmental mentor and buddy program for in-house networking

• An inclusive company culture, ability to join our Community Guilds (Datadog employee resource groups)

• Access to Inclusion Talks, our internal panel discussions

• Free, global mental health benefits for employees and dependents age 6+

• Competitive global benefits

#LI-KB4

Equal Opportunity at Datadog:

Datadog is an Affirmative Action and Equal Opportunity Employer and is proud to offer equal employment opportunity to everyone regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, veteran status, and more. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements.

Your Privacy:

Any information you submit to Datadog as part of your application will be processed in accordance with Datadog’s Applicant and Candidate Privacy Notice.