As the worlds leading provider of cloud-based software and technology solutions delivered by managed service providers (MSPs), Datto believes there is no limit to what small and medium businesses can achieve with the right technology. Datto offers Unified Continuity, Networking, and Business Management solutions and has created a one-of-a-kind ecosystem of MSP partners. These partners provide Datto solutions to over one million businesses across the globe. Since its founding in 2007, Datto continues to win awards each year for its rapid growth, product excellence, superior technical support, and for fostering an outstanding workplace. With headquarters in Norwalk, Connecticut, Datto has global offices in the United Kingdom, Netherlands, Denmark, Germany, Canada, Australia, China, and Singapore. Learn more at datto.com.
As a trusted and empowered member of the CISOs staff, you will go out into the organization and identify opportunities for security improvement and organize change. You will empower stakeholders in efforts that push the enhancement of organizational and engineering security controls and processes. You will assure the achievement of important outcomes through these efforts.
Your role as part of the Application Security team will be to build relationships, understand technology stacks, designs, and review processes in support of the secure design practices at Datto. This role works across all product lines to consult and provide design recommendations that address gaps found in the review process. The role will report to the Application Security Manager. Fundamentals of the role include:
- Lead and/or provide critical leverage to engineering projects of varying size, scope, and technical complexity to enhance Dattos security posture while balancing usability, stability, scalability, and performance.
- Adaptability and agility in approaching solutions to multiple technology stacks.
- Provide secure design and development expertise through collaboration with product subject matter experts.
- Work with other teams to identify, resolve, and mitigate vulnerabilities and risks.
- Software Engineering background (DevOps, SW Engineering, Computer Science).
- Strong knowledge of applying security frameworks to the software development lifecycle (ie. BSIMM, OpenSAMM, OWASP).
- Working knowledge of common languages (PHP, .NET, Python and Java)
- Understanding of security by design principles and architecture level security concepts.
- Knowledge of current and emerging security techniques for exploiting security vulnerabilities.
- Strong interpersonal skills with the ability to facilitate diverse groups, help negotiate priorities, and resolve conflicts among project stakeholders in a fast-paced environment.
- Driven to influence software security across an organization.
- Bachelor's degree or equivalent work experience
- Technical leadership experience in the software security field.
- One or more certifications: CISSP, OSCP
- Ability to script/code in support of objectives
- Security related blog posts
- Public CVEs
- Teaching and/or public speaking experience
- Public Github contributions
Note: We are looking only for candidates willing to join us directly as W2 employees (No 3rd party candidates)
At Datto, we believe our employees are our greatest asset and offer all full-time employees a wide-ranging benefits package, including:
- Comprehensive health-care benefits
- Flexible paid time off policy
- Charity match program
- Education reimbursement
- And more!
By submitting an application, you acknowledge we will process your data in order to consider you for the position you apply for and for other open positions within our company for which you may be suited. We collect and store your data in accordance with our Recruiting Privacy Practices.
Datto is an equal opportunity employer.