Engineering Manager, Cyber Threat Intelligence

Engineering Manager, Cyber Threat Intelligence at Datadog

The Cyber Threat Intelligence team's mission is to stay ahead of threat actors and their TTPs to help Datadog make intelligence-led decisions to improve our security posture, inform detections in our security products, and publish research that elevates the Datadog security brand. As part of the Detection & Threat Intelligence group, you will get to work at the intersection of Datadog’s global information security and security product organizations.

We are looking for an Engineering Manager, Cyber Threat Intelligence to lead the Cyber Threat Intelligence team. This team focuses on tracking threat actors, malware, and vulnerabilities relevant to Datadog and our customers while also contributing to the Datadog Security Labs brand by publishing threat research blogs and speaking at conferences. This manager will report to the Engineering Manager II of the Detection & Intelligence Group and will partner closely with several teams to support their intelligence requirements, including Detection Engineering, Threat Hunting, Incident Response, Trust & Safety, Red team, Product Management, Product Detection Engineering, and Security Products Engineering.

At Datadog, we place value in our office culture - the relationships and collaboration it builds and the creativity it brings to the table. We operate as a hybrid workplace to ensure our Datadogs can create a work-life harmony that best fits them.

What You’ll Do:

• Develop and lead a team of security researchers who are responsible for ideating, planning and executing the cyber threat intelligence roadmap at Datadog which includes: threat hunting, threat intelligence, thought leadership and actor/malware tracking.
• Build a unified threat research and intelligence effort to track threat actors targeting Datadog & their customers.
• Work with leadership to set quarterly OKRs that address priority intelligence and research requirements.
• Build and support a RFI program for intelligence stakeholders.
• Build, and optimize the collection, processing and dissemination of strategic, tactical, and operational threat intelligence for intelligence stakeholders.
• Track, research and experiment with the latest tactics, techniques & procedures for attacking and defending integrated production environments with Datadog.
• Develop and maintain tools for automating the collection and analysis of intelligence.
• Create and collaborate with Engineering & Product Management on proof of concept products, services, tools and simulations to demonstrate new capabilities and protections in Datadog environments.
• Evangelize your team’s mission and regularly communicate with teams outside of your organizational structure.
• Work closely with our Community team to develop thought-leadership threat research content for blogs, webinars, and conferences.
• Build partnerships with external organizations dedicated to advancing cybersecurity for the world.

Who You Are:

• A proven leader with experience leading threat research, cyber threat intelligence, security engineering or security research teams.
• A technical practitioner who has hands-on experience building, investigating and reporting on threat activity in highly complex environments.
• You have experience with collecting and anticipating intelligence requirements from your stakeholders and building out an operational model to support the production of intelligence products for them.
• Connected to threat intelligence sharing groups and can help navigate the complexities of intelligence sharing.
• You have led threat hunts to identify novel threat activity and turn that into new detections, new intelligence, and threat research publications.
• You are comfortable with helping build proof-of-concept services, which include writing and testing code (e.g. Go, Python, Ruby), deploying code to cloud environments and monitoring of these services.
• You have published blogs on threat intelligence topics, threat research, and spoken at security conferences on your findings.
• Motivating, kind and humble people leader who focuses on growth and happiness for your team. You have the ability to grow talent by providing a proper mentorship and performance management environment while prioritizing empathy.
• You value correctness and efficiency; you leave no stone unturned when reviewing documentation.

Bonus Points:

• Experience leading a cyber threat intelligence group for a cloud native technology/security vendor.
• Experience setting up and managing a threat intelligence platform (TIP) to centralize intelligence collection, dissemination, and threat research activities.
• Experience responding to large scale emerging threats and vulnerabilities in a threat intelligence or incident response capacity.
• Experience working with Product Managers and Engineering teams on security products focused around threat detection and threat intelligence.

About Datadog:

Datadog (NASDAQ: DDOG) is a global SaaS business, delivering a rare combination of growth and profitability. We are on a mission to break down silos and solve complexity in the cloud age by enabling digital transformation, cloud migration, and infrastructure monitoring of our customers’ entire technology stacks. Built by engineers, for engineers, Datadog is used by organizations of all sizes across a wide range of industries. Together, we champion professional development, diversity of thought, innovation, and work excellence to empower continuous growth. Join the pack and become part of a collaborative, pragmatic, and thoughtful people-first community where we solve tough problems, take smart risks, and celebrate one another. Learn more about #DatadogLife on Instagram, LinkedIn, and Datadog Learning Center.

Key skills/competency:

• Threat Intelligence
• Cyber Security
• Threat Hunting
• Security Research
• Incident Response
• TTPs (Tactics, Techniques, and Procedures)
• Cloud Environments
• Malware Analysis
• Stakeholder Management
• Python/Go Programming