Engineering Manager, Cyber Threat Intelligence

About Datadog

Datadog (NASDAQ: DDOG) is a global SaaS business, delivering a rare combination of growth and profitability. We are on a mission to break down silos and solve complexity in the cloud age by enabling digital transformation, cloud migration, and infrastructure monitoring of our customers’ entire technology stacks. Built by engineers, for engineers, Datadog is used by organizations of all sizes across a wide range of industries. Together, we champion professional development, diversity of thought, innovation, and work excellence to empower continuous growth. Join the pack and become part of a collaborative, pragmatic, and thoughtful people-first community where we solve tough problems, take smart risks, and celebrate one another. Learn more about #DatadogLife on Instagram, LinkedIn, and Datadog Learning Center.

The Cyber Threat Intelligence team’s mission is to stay ahead of threat actors and their TTPs to help Datadog make intelligence-led decisions to improve our security posture, inform detections in our security products, and publish research that elevates the Datadog security brand. As part of the Detection & Threat Intelligence group, you will get to work at the intersection of Datadog’s global information security and security product organizations.

Datadog is looking for an Engineering Manager, Cyber Threat Intelligence to lead this vital team. This role focuses on tracking threat actors, malware, and vulnerabilities relevant to Datadog and its customers, while also contributing to the Datadog Security Labs brand through threat research blogs and conference presentations. Reporting to the Engineering Manager II of the Detection & Intelligence Group, you will collaborate closely with various teams including Detection Engineering, Threat Hunting, Incident Response, Trust & Safety, Red Team, Product Management, Product Detection Engineering, and Security Products Engineering to support their intelligence requirements.

At Datadog, we value our office culture—the relationships, collaboration, and creativity it fosters. We operate as a hybrid workplace to ensure our Datadogs achieve work-life harmony.

What You’ll Do:

• Develop and lead a team of security researchers responsible for ideating, planning, and executing the cyber threat intelligence roadmap at Datadog, encompassing threat hunting, threat intelligence, thought leadership, and actor/malware tracking.
• Build a unified threat research and intelligence effort to track threat actors targeting Datadog and its customers.
• Work with leadership to set quarterly OKRs that address priority intelligence and research requirements.
• Build and support a Request for Information (RFI) program for intelligence stakeholders.
• Build and optimize the collection, processing, and dissemination of strategic, tactical, and operational threat intelligence for intelligence stakeholders.
• Track, research, and experiment with the latest tactics, techniques, and procedures for attacking and defending integrated production environments with Datadog.
• Develop and maintain tools for automating the collection and analysis of intelligence.
• Create and collaborate with Engineering & Product Management on proof-of-concept products, services, tools, and simulations to demonstrate new capabilities and protections in Datadog environments.
• Evangelize your team’s mission and regularly communicate with teams outside of your organizational structure.
• Work closely with our Community team to develop thought-leadership threat research content for blogs, webinars, and conferences.
• Build partnerships with external organizations dedicated to advancing cybersecurity for the world.

Who You Are:

• A proven leader with experience leading threat research, cyber threat intelligence, security engineering, or security research teams.
• A technical practitioner with hands-on experience building, investigating, and reporting on threat activity in highly complex environments.
• Experienced in collecting and anticipating intelligence requirements from stakeholders and building an operational model to support intelligence product production.
• Connected to threat intelligence sharing groups and adept at navigating intelligence sharing complexities.
• Experienced in leading threat hunts to identify novel threat activity and transforming findings into new detections, intelligence, and threat research publications.
• Comfortable helping build proof-of-concept services, including writing and testing code (e.g., Go, Python, Ruby), deploying code to cloud environments, and monitoring these services.
• You have published blogs on threat intelligence topics, threat research, and spoken at security conferences on your findings.
• A motivating, kind, and humble people leader who prioritizes team growth and happiness, fostering talent through mentorship and performance management with empathy.
• You value correctness and efficiency, leaving no stone unturned when reviewing documentation.

Bonus Points:

• Experience leading a cyber threat intelligence group for a cloud-native technology/security vendor.
• Experience setting up and managing a Threat Intelligence Platform (TIP) for centralized intelligence collection, dissemination, and threat research.
• Experience responding to large-scale emerging threats and vulnerabilities in a threat intelligence or incident response capacity.
• Experience working with Product Managers and Engineering teams on security products focused around threat detection and threat intelligence.

Key skills/competency:

• Cyber Threat Intelligence
• Security Research
• Threat Hunting
• Incident Response
• Malware Analysis
• Vulnerability Management
• Cloud Security
• Python/Go/Ruby
• Leadership & Mentorship
• Security Operations