Skip to content
DatadogDatadogBoston, MA

Staff Application Security Engineer

Leads application security strategy, defines secure frameworks and standards, builds scalable tooling, conducts threat modeling, and mentors engineers. Requires software engineering experience with code review in Go/Python/Rust and deep knowledge of web vulnerabilities, API security, and OWASP practices.

234k – 300k
HybridSecurity Engineering

About the role

What You’ll Do

  • Define and drive security standards and secure-by-default solutions, serving as the Application Security subject matter expert.
  • Build security tooling and automation that scales security practices across engineering teams, and implement robust security observability to support our threat detection team with meaningful, actionable security signals.
  • Lead threat modeling and risk assessment for high-risk features and platform changes.
  • Assess and address security risks introduced by agentic development practices and AI-powered product features in production.
  • Partner with engineering teams to prioritize and remediate critical threats, define API security standards, and conduct security code reviews.
  • Identify systemic security risks; lead complex, multi-team remediation efforts end-to-end.
  • Partner with Cloud & Infrastructure Security and other teams across the org on cross-domain problems; be the AppSec point of contact on complex cross-domain problems.
  • Serve as the AppSec subject matter expert across Datadog; be the person engineering leadership calls when they need clarity on a hard security problem.
  • Deeply invest in the growth of AppSec engineers on the team.

Who You Are

  • Software engineering background with hands-on code review experience; Go (preferred), Python, or Rust.
  • Demonstrated ability to level up the engineers around you: through design reviews, mentorship, and the quality of your documentation.
  • Solid grounding in OWASP Top 10, web vulnerabilities (XSS, injection, access control, cryptography), SAST, and DAST.
  • Working knowledge of API security: authentication flows, authorization patterns, and input validation at API boundaries.
  • Track record of leading threat modeling on complex, multi-team systems and translating outcomes into architectural decisions.
  • Experience implementing secure-by-default frameworks and integrating security into core platforms alongside product managers and engineering teams.
  • Able to translate business risk into security investment priorities and communicate tradeoffs clearly to executive audiences.
  • Familiarity with software supply chain security: dependency management, artifact integrity, and build pipeline trust.
  • Bias toward implementing solutions and driving adoption, not just surfacing findings.
  • Proven track record of winning buy-in from technical and non-technical stakeholders; able to communicate complex tradeoffs clearly to engineers, product managers, and leadership.
  • Current on security best practices, emerging threats, and the tooling landscape.

Skills

GoPythonRustOwasp Top 10SASTDASTApi SecurityThreat ModelingSoftware Supply Chain SecurityDatadog
Snowflake

Staff Software Engineer, Identity & Access Management

SnowflakeBellevue, WA

Designs and implements identity and access management systems for Snowflake's Data Cloud, focusing on AI security, authentication protocols, and scalable authorization. Requires 10+ years experience with large-scale distributed systems and strong skills in Java/C#/C++.

236k – 339k
On-site10+ YOESecurity Engineering
Databricks

Senior Staff Software Engineer - IAM

DatabricksMountain View, CA

Leads IAM and security engineering to enhance platform trust, plugs infrastructure gaps, and builds large-scale distributed systems. Requires 9+ years in data security, 15+ years in distributed systems, MS/PhD, and expertise in IAM, Kubernetes security, cryptography.

232k – 313k
On-site9+ YOESecurity Engineering
Databricks

Staff Product Security Engineer

DatabricksCalifornia

Staff Security Software Engineer leading architecture, standards, and development of AI security tooling, threat detection, and red-teaming platforms at Databricks. Requires 7-10 years security engineering experience, expert Python skills, and deep AI/ML security expertise.

231k – 398k
Remote7+ YOESecurity Engineering
6sense

Staff Security Engineer - SecOps & Threats

6senseUnited States

Leads SecOps and threat response, including incident handling, forensics, automation building, and threat exercises. Requires 5+ years in Security Operations, automation experience, and familiarity with security tools like SIEM, SOAR, and AWS.

231k – 266k
Remote5+ YOESecurity Engineering
Gusto

Senior Staff Security Engineer - Network Security

GustoSan Francisco, CA

Leads edge and network security strategy, owning Cloudflare WAF, DDoS protection, Zero Trust, and AWS perimeter controls. Partners with teams to implement layered defenses, policy-as-code, detections, and AI-assisted automations. Requires 10+ years experience with deep Cloudflare and network expertise.

230k – 270k
Hybrid10+ YOESecurity Engineering