[Remote] Staff Application Security Engineer
Note: The job is a remote job and is open to candidates in USA. Datadog is the leading observability and security platform for the AI era, providing businesses with unified visibility across the technology stack to manage complexity at scale. As a Staff Application Security Engineer, you'll define security standards and build automation to scale security practices across engineering teams, while leading threat modeling and risk assessments. You'll also partner across teams to address security risks and shape the AppSec roadmap.ResponsibilitiesDefine and drive security standards and secure-by-default solutions, serving as the Application Security subject matter expertBuild security tooling and automation that scales security practices across engineering teams, and implement robust security observability to support our threat detection team with meaningful, actionable security signalsLead threat modeling and risk assessment for high-risk features and platform changesAssess and address security risks introduced by agentic development practices and AI-powered product features in productionPartner with engineering teams to prioritize and remediate critical threats, define API security standards, and conduct security code reviewsIdentify systemic security risks; lead complex, multi-team remediation efforts end-to-endPartner with Cloud & Infrastructure Security and other teams across the org on cross-domain problems; be the AppSec point of contact on complex cross-domain problemsServe as the AppSec subject matter expert across Datadog; be the person engineering leadership calls when they need clarity on a hard security problemDeeply invest in the growth of AppSec engineers on the teamSkillsSoftware engineering background with hands-on code review experience; Go (preferred), Python, or RustDemonstrated ability to level up the engineers around you: through design reviews, mentorship, and the quality of your documentationSolid grounding in OWASP Top 10, web vulnerabilities (XSS, injection, access control, cryptography), SAST, and DASTWorking knowledge of API security: authentication flows, authorization patterns, and input validation at API boundariesTrack record of leading threat modeling on complex, multi-team systems and translating outcomes into architectural decisionsExperience implementing secure-by-default frameworks and integrating security into core platforms alongside product managers and engineering teamsAble to translate business risk into security investment priorities and communicate tradeoffs clearly to executive audiencesFamiliarity with software supply chain security: dependency management, artifact integrity, and build pipeline trustBias toward implementing solutions and driving adoption, not just surfacing findingsProven track record of winning buy-in from technical and non-technical stakeholders; able to communicate complex tradeoffs clearly to engineers, product managers, and leadershipCurrent on security best practices, emerging threats, and the tooling landscapeBenefitsNew hire stock equity (RSUs) and employee stock purchase plan (ESPP)Continuous professional development, product training, and career pathingIntradepartmental mentor and buddy program for in-house networkingAn inclusive company culture, ability to join our Community Guilds (Datadog employee resource groups)Access to Inclusion Talks, our internal panel discussionsFree, global mental health benefits for employees and dependents age 6+Competitive global benefitsHealthcare, dental, parental planning, and mental health benefitsA 401(k) plan and matchPaid time offFitness reimbursementsA discounted employee stock purchase planCompany OverviewDatadog is an observability and security platform that offers infrastructure, applications, software development, and monitoring services. It was founded in 2010, and is headquartered in New York, New York, USA, with a workforce of 1001-5000 employees. Its website is https://www.datadoghq.com.Company H1B SponsorshipDatadog has a track record of offering H1B sponsorships, with 8 in 2026, 123 in 2025, 66 in 2024, 45 in 2023, 53 in 2022, 31 in 2021, 29 in 2020. Please note that this does not guarantee sponsorship for this specific role.