As Engineering Manager for Threat Detection, you will lead a high-performing team that powers Datadog's detection program. Threat Detection is the organization responsible for keeping Datadog ahead of an evolving threat environment: closing coverage gaps faster, raising the bar on signal quality, and shipping detections that hold up under the scale and complexity of cloud-native infrastructure.
Your team will combine direct detection expertise, platform engineering, and applied AI to ship detections at a pace and scale traditional rule-writing alone cannot match. Examples of what your team will work on include detection-authoring agents, the detection platform that powers every rule in production, coverage analysis, alert triage and response automation, and the evaluation infrastructure that holds these systems to a high bar of fidelity. Detection authorship is a shared responsibility across the organization, and your team will contribute both by building the systems that scale our authoring capacity and by writing detections directly when their domain expertise is the right tool.
You will partner closely with our Security Incident & Response Team (SIRT), Cyber Threat Intelligence (CTI), AI Engineering teams, and Datadog's broader Security organization. This is a high-impact leadership role: you will grow a team of security and software engineers responsible for building and executing our detection and AI strategy. At Datadog, we place value in our office culture - the relationships and collaboration it builds and the creativity it brings to the table. We operate as a hybrid workplace to ensure our Datadogs can create a work-life harmony that best fits them.
What You’ll Do:
- Lead the strategy, roadmap, and execution of Datadog Security's shift to AI-accelerated detection and response.
- Drive development of high-fidelity detections as a shared responsibility across the organization, ensuring your team's systems and direct contributions raise the bar on coverage and signal quality.
- Build, mentor, and grow a high-performing team of engineers tackling the hardest problems in threat detection at scale.
- Partner with sister teams across Threat Detection and the broader Security organization so your team's deliverables integrate reliably with the rest of the program.
- Define and track program metrics: detection coverage, signal quality, model and agent fidelity, evaluation pass rates, incident response readiness, and your team's measurable contribution to security operations outcomes.
- Evangelize the team's mission inside and outside the Threat Detection organization, communicating progress, tradeoffs, and bets clearly to security leadership and partner teams.
- Collaborate with the AI Engineering teams and other internal AI initiatives to build on shared infrastructure where it makes sense and invest in security-specific tooling where it does not.
Who You Are:
- You have worked in a security operations, detection engineering, or incident response role, building tooling and performing investigations and responding to incidents.
- Strong understanding of modern threat actor techniques and the detection engineering lifecycle.
- Technically credible, with the ability to review detection logic, code (e.g., Python), and the architecture of security systems (AI-driven or otherwise).
- You have built automation systems for security operations workflows: detection platforms, AI-driven detection capabilities, case triage, investigation, response automation, or analyst tooling.
- You have prior experience at a SaaS or cloud infrastructure company where security scale and complexity are first-order challenges.
- You operate with both rigor and pragmatism on production quality. You know when to ship a useful system, when to invest in further evaluation, and when not to ship at all.
- Experienced people leader with a focus on mentorship, team growth, and inclusion.
Nice to Haves:
- You have led or sponsored threat hunts that drove lasting improvements in detection coverage.
- You have translated security research, threat intelligence, or analyst workflows into engineered systems.
- You have designed or operated detection platforms: SIEM pipelines, detection-as-code workflows, CI/CD for security content, or equivalent.
- You have built observability for detection systems: instrumentation for coverage and drift, false positive analysis, or silent failure detection.
- You have built and shipped agentic or ML systems to production. You understand the full lifecycle (data, training, evaluation, deployment, monitoring) and have led teams through it.
- You have designed safety, guardrails, or human-in-the-loop systems for autonomous AI in security domains.
Datadog values people from all walks of life. We understand not everyone will meet all the above qualifications on day one. That's okay. If you’re passionate about technology and want to grow your skills, we encourage you to apply.
Benefits and Growth:
- Generous and competitive benefits package
- New hire stock equity (RSUs) and employee stock purchase plan
- Continuous career development and pathing opportunities
- Employee-focused best in class onboarding
- Internal mentor and cross-departmental buddy program
- Friendly and inclusive workplace culture
To conform to US export control regulations, candidates should be eligible for any required authorizations from the US government. This job is available in various departments within our company; to conform to US export control regulations, some of these roles may require candidates to be eligible for any required authorizations from the US government.
Datadog offers a competitive salary and equity package, and may include variable compensation. Actual compensation is based on factors such as the candidate's skills, qualifications, and experience. In addition, Datadog offers a wide range of best in class, comprehensive and inclusive employee benefits for this role including healthcare, dental, parental planning, and mental health benefits, a 401(k) plan and match, paid time off, fitness reimbursements, and a discounted employee stock purchase plan.
About Datadog:
Datadog is the leading observability and security platform for the AI era, providing businesses with unified visibility across the technology stack to manage complexity at scale. It brings applications, infrastructure, data, models, and security into one place, using AI to detect and resolve issues before they impact customers. Trusted globally by Fortune 500 companies and high-growth AI leaders, Datadog enables businesses to move faster with clarity and confidence. Learn more about #DatadogLife on Instagram, LinkedIn, and Datadog Learning Center.
Equal Opportunity at Datadog:
Datadog is proud to offer equal employment opportunity to everyone regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, veteran status, and other characteristics protected by law. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. Here are our Candidate Legal Notices for your reference.
Datadog endeavors to make our Careers Page accessible to all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please complete this form. This form is for accommodation requests only and cannot be used to inquire about the status of applications.
Privacy and AI Guidelines:
Any information you submit to Datadog as part of your application will be processed in accordance with Datadog’s Applicant and Candidate Privacy Notice. For information on our AI policy, please visit Interviewing at Datadog AI Guidelines.
Skills Required
- Experience in security operations, detection engineering, or incident response
- Strong understanding of modern threat actor techniques
- Technical credibility to review detection logic and security systems architecture
- Experience building automation systems for security operations
- Prior experience in SaaS or cloud infrastructure security
- Focus on mentorship and team growth
What the Team is Saying
.png)
.png)
Datadog Compensation & Benefits Highlights
-
Healthcare Strength — Medical, dental, and vision coverage paired with dedicated mental‑health access (including free annual sessions for employees and dependents) and gender‑affirming care indicates robust healthcare support. Fitness reimbursements further reinforce preventative wellness.
-
Parental & Family Support — Fully paid, gender‑neutral parental leave alongside family‑forming support (adoption, fertility, preservation, surrogacy) and childcare assistance shows strong backing for growing families. Pet‑related assistance in eligible offices expands family‑oriented offerings.
-
Equity Value & Accessibility — An employee stock purchase plan with a discount and RSUs for many roles broaden access to ownership. This equity mix enhances total rewards beyond base pay.
Datadog Insights
What We Do
Datadog (NASDAQ: DDOG) is a global SaaS business, delivering a rare combination of growth and profitability. We are on a mission to break down silos and solve complexity in the cloud age by enabling digital transformation, cloud migration, and infrastructure monitoring of our customers' entire technology stacks. Built by engineers, for engineers, Datadog is used by organizations of all sizes across a wide range of industries. Together, we champion professional development, diversity of thought, innovation, and work excellence to empower continuous growth. Join the pack and become part of a collaborative, pragmatic, and thoughtful people-first community where we solve tough problems, take smart risks, and celebrate one another.
Why Work With Us
At Datadog, we learn from and celebrate each other daily - each win is a team win. Datadogs solve tough problems, innovate pragmatically, and grow together. We promote from within, provide mentorship and opportunities for career development, and support our colleagues in the process. Best of all? We truly love what we do.
Gallery
Datadog Offices
Hybrid Workspace
Employees engage in a combination of remote and on-site work.
We operate as a hybrid workplace to ensure our Datadogs can create a work-life harmony that best fits them and their team.
