Security Engineer, Offensive Security
Job description
Here at Datadog, we think about offensive security a little bit differently. We embrace automation and AI to run adversary simulations continuously across a massive cloud-native environment, and we expect our offensive engineers to build the tooling that makes that possible. We're looking for a Senior Security Engineer who can execute sophisticated red team operations, write the code that scales them, and take an AI-first approach to offensive security engineering.
At Datadog, we place value in our office culture - the relationships and collaboration it builds, and the creativity it brings to the table. We operate as a hybrid workplace to ensure our Datadogs can create a work-life harmony that best fits them.
What You'll Do:
- Plan and execute red team engagements end-to-end, simulating real-world threat actors across cloud infrastructure (AWS, GCP), Kubernetes, CI/CD pipelines, and corporate environments
- Build and maintain custom offensive tooling, automation frameworks, and engagement infrastructure, treating offensive operations as a software engineering problem
- Develop custom payloads and evasion capabilities tailored to Datadog's environment and modern defensive controls (EDR, SIEM, network monitoring)
- Improve the efficiency of offensive operations through thoughtful use of automation and AI, accelerating reconnaissance, vulnerability analysis, and reporting workflows
- Partner with the Detection & Response team on purple team exercises to validate detection logic, improve alert fidelity, and influence threat models
- Translate offensive findings into concrete improvements by working directly with defensive security and engineering teams to close gaps
Requirements
- You have 5+ years of hands-on experience in offensive security (red teaming, penetration testing, or adversary simulation) with a track record of operating against mature, well-defended environments
- You write production-quality code (Python, Go, or similar), can build your own tools, and automate your workflows rather than relying exclusively on off-the-shelf frameworks
- You have deep expertise in at least two of the following areas: macOS security, Linux security, cloud platforms (AWS, GCP, Azure), Kubernetes, or CI/CD pipelines
- You have experience developing evasion techniques against modern defensive controls and understand how detections work from the blue team side
- You have strong communication skills, with the ability to convey complex offensive findings clearly and effectively to both technical and non-technical stakeholders
- You are comfortable operating with ambiguity, scoping your own work, identifying what matters most, and driving projects from prototype to deployed and validated
Benefits & conditions
- New hire stock equity (RSUs) and employee stock purchase plan (ESPP)
- Continuous professional development, product training, and career pathing
- Intradepartmental mentor and buddy program for in-house networking
- An inclusive company culture, ability to join our Community Guilds (Datadog employee resource groups)
- Free, global mental health benefits for employees and dependents age 6+
- Competitive global benefits
Benefits and Growth listed above may vary based on the country of your employment and the nature of your employment with Datadog.
Datadog offers a competitive salary and equity package, and may include variable compensation. Actual compensation is based on factors such as the candidate's skills, qualifications, and experience. In addition, Datadog offers a wide range of best in class, comprehensive and inclusive employee benefits for this role including healthcare, dental, parental planning, and mental health benefits, a 401(k) plan and match, paid time off, fitness reimbursements, and a discounted employee stock purchase plan. The reasonably estimated yearly salary for this role at Datadog is: $195,000-$240,000 USD