Team Lead, Engineering - GRC
About Datadog
We're on a mission to build the best platform in the world for engineers to understand and scale their systems, applications, and teams. We operate at high scale (trillions of data points per day), providing always-on alerting, metrics visualization, logs, and application tracing for tens of thousands of companies. Our engineering culture values pragmatism, honesty, and simplicity to solve hard problems the right way.
About the Opportunity
Datadog is looking for a GRC Team Lead to lead our compliance management function within the Information Security Department. This role will report to the Manager of compliance who oversees this GRC team as well as Datadog's US Federal compliance team. The GRC team is a business enabler and is responsible for maintaining and executing a regulatory compliance roadmap. As the leader of the GRC function, you will ensure that the regulatory roadmap supports business, sales and revenue objectives while maintaining alignment with existing information security standards.
You and your team will work closely with engineering, product and other business units to ensure regulatory control requirements are translated into Datadog-understandable language that is informed by the organization's current security practices and standards. You and your team will be responsible for the planning and execution of audits ranging from PCI to ISO 27001/27002/27017/27701 to SOC 2 to HIPAA, etc. You'll also own governance tasks like policy / exception management, vendor risk assessments and onboarding newly acquired companies to our compliance program and audits.
While this is a management role, we are a small but growing team and as such you will be expected to get your hands dirty with the most complex and ambiguous problems we face. The right candidate for this role must be very comfortable with ambiguity, exude optimism, and have a strong technical base to draw from.
If you believe that Security and Compliance translate to business value and enablement as a primary objective, we want to talk to you!
What you will do:
- Own and lead Datadog's Commercial Compliance program and team.
- Own internal gap assessments / evaluation against new and upcoming compliance standards.
- Own your team's audit planning and personally oversee audit execution.
- Own 3rd party / vendor risk assessments.
- Actively participate in continuous mentoring and development of your team.
- Establish process and tooling that support "pull once, serve many" audit-support functions.
- Establish/Maintain processes and procedures that support audit and compliance management as daily operational functions vs. a disruptive event.
- Collaborate with stakeholder teams (engineering, product, sales, legal) to help support practical and scalable outcomes.
- In close partnership with control owners, translate control remediation opportunities into business-enabling processes and standards.
- Lead continuous process improvement, automation and third-party tooling that support scalable compliance and audit support functions.
- Provide transparency and status reporting through the use of meaningful and actionable scorecards and relevant operational metrics and OKRs/KPIs.
Who you must be:
- You have 3+ years direct people management experience overseeing an audit team.
- You have a BS or equivalent experience.
- You are honest, humble, 100% transparent and a true motivator of others.
- You have demonstrable experience managing, mentoring and coaching team members as part of your formal responsibilities of managing teams and having direct reports.
- You have demonstrable experience in successfully working with and positively influencing engineering teams, while understanding their daily challenges and demands.
- You have directly led audits either as an auditee or auditor, and preferably as both.
- You have a solid understanding of regulatory standards and have leveraged and implemented common control mappings (e.g., FedRAMP/NIST 800-53, HIPAA, ISO 27001, PCI DSS, HITRUST, IRAP, MTCS, etc.).
- You want to work in a fast, high growth startup environment.
Bonus points:
- You've managed SaaS-based audits in multi-cloud environments.
- You are a certified ISO 27001 Lead Auditor/Implementer, QSA and AICPA certified SOC auditor.
- You have a strong technical background in systems, software or IT administration and have been responsible for the implementation of technical security controls.
- Experience managing compliance in a large container based environment.
- You take pride in your writing ability and have been praised for it.
- You talk like you write; you are clear, concise, confident, and unafraid to make presentations.
- You have the gravitas and command presence to attend meetings where you'll represent the concerns of security, sometimes against other organizational pressures, while maintaining positive and productive stakeholder relationships.
- You're familiar with cloud based productivity tools (e.g., JIRA, Confluence, GDocs).
- You assume the best intent in others, exude positivity and optimism, and love Monday mornings!
Why You Should Apply:
- Generous and competitive global and US benefits
- New hire stock equity (RSUs) and employee stock purchase plan
Equal Opportunity at Datadog:
Datadog is an Affirmative Action and Equal Opportunity Employer and is proud to offer equal employment opportunity to everyone regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, veteran status, and more. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements.
Your Privacy:
Any information you submit to Datadog as part of your application will be processed in accordance with Datadog's Applicant and Candidate Privacy Notice.