
Datadog · Dublin
As a Senior Security Engineer focused on Datadog’s Cloud SIEM product, you will help shape the future of security operations by transforming real-world security...
As a Senior Security Engineer focused on Datadog’s Cloud SIEM product, you will help shape the future of security operations by
transforming real-world security expertise into scalable detection, investigation, and response capabilities. You will develop
high-impact threat detection content, improve AI-assisted security workflows, and help defenders identify and respond to threats
across cloud-native and enterprise environments. Working closely with Product, Engineering, and Security Research teams, you will
influence the evolution of Datadog Security products while advancing detection coverage across emerging technologies and attack
surfaces. This role offers the opportunity to contribute to open source initiatives, publish security research, and help define
the next generation of agentic security operations capabilities.
At Datadog, we place value in our office culture - the relationships and collaboration it builds and the creativity it brings to
the table. We operate as a hybrid workplace to ensure our Datadogs can create a work-life harmony that best fits them.
capabilities that protect customers at cloud scale.
capabilities.
measurement, and continuous improvement.
other modern attack surfaces.
outcomes across the platform.
disciplines.
technologies including Kubernetes, Docker, and Terraform.
analysis.
security tooling.
organizations.
Datadog values people from all walks of life. We know not everyone will meet all the above qualifications on day one. That’s okay.
If you’re passionate about technology and want to grow your experience, we encourage you to apply.
Benefits and Growth listed above may vary based on the country of your employment and the nature of your employment with Datadog.
#LI-Hybrid
Datadog is the leading observability and security platform for the AI era, providing businesses with unified visibility across the
technology stack to manage complexity at scale. It brings applications, infrastructure, data, models, and security into one place,
using AI to detect and resolve issues before they impact customers. Trusted globally by Fortune 500 companies and high-growth AI
leaders, Datadog enables businesses to move faster with clarity and confidence. Learn more about #DatadogLife on Instagram,
LinkedIn, and Datadog Learning Center.
Datadog is proud to offer equal employment opportunity to everyone regardless of race, color, ancestry, religion, sex, national
origin, sexual orientation, age, citizenship, marital status, disability, gender identity, veteran status, and other
characteristics protected by law. We also consider qualified applicants regardless of criminal histories, consistent with legal
requirements. Here are our Candidate Legal Notices for your reference.
Datadog endeavors to make our Careers Page accessible to all users. If you would like to contact us regarding the accessibility of
our website or need assistance completing the application process, please complete this form. This form is for accommodation
requests only and cannot be used to inquire about the status of applications.
Any information you submit to Datadog as part of your application will be processed in accordance with Datadog’s Applicant and
Candidate Privacy Notice. For information on our AI policy, please visit Interviewing at Datadog AI Guidelines.
GitLab is the intelligent orchestration platform for DevSecOps. GitLab enables organizations to increase developer productivity, improve operational efficiency, reduce security and compliance risk, and accelerate digital transformation. More than 50 million registered users and more than 50% of the Fortune 100* trust GitLab to ship better, more secure software faster. The same principles built into our products are reflected in how our team works: we embrace AI as a core productivity multiplier, with all team members expected to incorporate AI into their daily workflows to drive efficiency, innovation, and impact. GitLab is where careers accelerate, innovation flourishes, and every voice is valued. Our high-performance culture is driven by our values and continuous knowledge exchange, enabling our team members to reach their full potential while collaborating with industry leaders to solve complex problems. Co-create the future with us as we build technology that transforms how the world develops software. *Fortune 500® is a registered trademark of Fortune Media IP Limited, used under license. Claim based on GitLab data. Fortune 100 refers to the top 20% ranked companies in the 2025 Fortune 500 list, published in June 2025. Fortune and Fortune Media IP Limited are not affiliated with, and do not endorse products or services of GitLab. An overview of this role As a Senior Security Engineer on GitLab’s Security Incident Response Team (SIRT), you will play a critical role in defending GitLab.com and the broader GitLab environment against evolving security threats. You will lead high-impact incidents and investigations, drive continuous improvements in defense, detection and response capabilities, and help scale security operations through automation and intelligent workflows. Operating within a 24/7 global environment (follow the sun model), you will own incidents end-to-end - from detection and triage through containment, eradication, and recovery - while partnering cross-functionally to strengthen GitLab’s overall security posture. A key aspect of this role is leveraging automation and AI-driven approaches to improve detection fidelity, accelerate investigations, and reduce response times. You will help shape how modern tooling and data are applied to stay ahead of evolving adversary tactics. This role is ideal for someone who thrives in high-tempo environments, brings strong DFIR expertise, and is equally passionate about operational excellence and building scalable detection and response systems and workflows. WHAT YOU’LL DO * Lead and coordinate end-to-end incident response for high-severity security events within a 24/7 global on-call model, with this role operating during EMEA business hours * Prepare clear executive communications that keep stakeholders informed during incidents * Investigate complex security incidents across cloud environments, applying strong Digital Forensics and Incident Response (DFIR) methodologies * Partnering with Signals Engineering to design and implement detection capabilities, including SIEM use cases, alerting strategies, and telemetry pipelines * Build and enhance automation and AI-assisted workflows to improve triage, investigation speed, and response consistency * Partner with Threat Intelligence to contextualize threats and improve detection coverage * Conduct root cause analysis (RCA) and lead post-incident reviews to drive continuous improvement and risk reduction * Develop and maintain runbooks, playbooks, and operational documentation * Collaborate cross-functionally (Engineering, Infrastructure, Legal, Product, Communications, etc) during incidents and lead proactive initiatives (e.g. tabletops) * Mentor other engineers and help elevate the team’s overall incident response maturity WHAT YOU’LL BRING * Strong experience in security incident response and investigations in cloud-first environments * Experience using or administering Git/GitLab in a security or engineering context * Hands-on experience with SIEM, EDR, and/or detection engineering * Experience with cloud platforms (AWS & GCP) * Familiarity with threat intelligence and adversary tactics (e.g., MITRE ATT&CK) * Experience building or working with automation (e.g., Python, scripting, SOAR platforms) * Interest or experience in applying AI/ML or data-driven techniques to detection, triage, or response workflows * Strong analytical and problem-solving skills; ability to operate effectively during high-severity incidents * Excellent written communication skills with a passion for clear, actionable documentation * Growth mindset with a proactive approach to identifying and mitigating security risks ABOUT THE TEAM The Security Incident Response Team (SIRT) is a globally distributed team of engineers split across 3 core regions; AMER, APAC and EMEA, and is at the forefront of security events that impact both GitLab.com and GitLab cloud and corporate environments. We are both reactive and proactive, leading security investigations, incident response support and response resolution, through to cyber threat analysis and detection and response engineering. Even though we’re a global team, we work together in a cross-regional manner and have automation and processes to facilitate collaboration when resolving incidents, handovers, and general collaboration for project work as well. HOW GITLAB SUPPORTS FULL-TIME EMPLOYEES * Benefits to support your health, finances, and well-being * Flexible Paid Time Off * Team Member Resource Groups * Equity Compensation & Employee Stock Purchase Plan * Growth and Development Fund * Parental Leave Please note that we welcome interest from candidates with varying levels of experience; many successful candidates do not meet every single requirement. Additionally, studies have shown that people from underrepresented groups are less likely to apply to a job unless they meet every single qualification. If you're excited about this role, please apply and allow our recruiters to assess your application. ---------------------------------------------------------------------------------------------------------------------------------- Country Hiring Guidelines: GitLab hires new team members in countries around the world. All of our roles are remote, however some roles may carry specific location-based eligibility requirements. Our Talent Acquisition team can help answer any questions about location after starting the recruiting process. Privacy Policy: Please review our Recruitment Privacy Policy. Your privacy is important to us. GitLab is proud to be an equal opportunity workplace and is an affirmative action employer. GitLab’s policies and practices relating to recruitment, employment, career development and advancement, promotion, and retirement are based solely on merit, regardless of race, color, religion, ancestry, sex (including pregnancy, lactation, sexual orientation, gender identity, or gender expression), national origin, age, citizenship, marital status, mental or physical disability, genetic information (including family medical history), discharge status from the military, protected veteran status (which includes disabled veterans, recently separated veterans, active duty wartime or campaign badge veterans, and Armed Forces service medal veterans), or any other basis protected by law. GitLab will not tolerate discrimination or harassment based on any of these characteristics. See also GitLab’s EEO Policy and EEO is the Law. If you have a disability or special need that requires accommodation, please let us know during the recruiting process.
Every day, tens of millions of people come to Roblox to explore, create, play, learn, and connect with friends in 3D immersive digital experiences– all created by our global community of developers and creators. At Roblox, we’re building the tools and platform that empower our community to bring any experience that they can imagine to life. Our vision is to reimagine the way people come together, from anywhere in the world, and on any device. We’re on a mission to connect a billion people with optimism and civility, and looking for amazing talent to help us get there. A career at Roblox means you’ll be working to shape the future of human interaction, solving unique technical challenges at scale, and helping to create safer, more civil shared experiences for everyone. As a founding member of the Security Operations team in EMEA, you will join us at an exciting time in Roblox’s SIRT & SOC program. You will design and build the detections, automation and tooling that let a lean team monitor and protect players, developers, employees and the platform at global scale and serve as security incident commander in the region. This is a highly autonomous role where you will be a primary decision-maker, core to our mission to maintain a highly capable 24/7/365 monitoring and response capability. While you will work in close collaboration with peers at our US West Coast Headquarters, the time difference requires an engineer who can operate independently, making critical decisions without immediate oversight. We favor engineering our way out of toil through automation, orchestration, detections-as-code, and risk-based prioritization, while retaining the deep technical skills required to conduct detailed, hands-on analysis and lead response end-to-end when the situation warrants. Work Environment: This role is based in London, UK. You will be working from a dedicated, private space located within a shared office environment, designed to enable collaboration while remaining secure. YOU WILL: * Build Detection & Response Systems: Design, write, and maintain production-quality detections, automations and integrations (detections-as-code, SOAR playbooks, data and enrichment pipelines) that scale our monitoring capability and reduce manual toil. * Own Tooling & Platform: Develop and improve the tooling the global SIRT/SOC depends on alert quality and enrichment, case-management integrations and automation that powers reliable "follow-the-sun" hand-offs. * Exercise High Autonomy: Act as the primary Incident Commander for the European time zone, making critical, time-sensitive decisions independently before US HQ comes online. You will serve as the senior-most security engineering point of contact in the region. * Drive Strategy & Architecture: Shape the technical direction of the detection & response engineering function, specifically architecting how global hand-offs and "follow-the-sun" models can be optimized and automated. * Command Security Incidents: Ensure serious threats and impacts are understood, mitigated, and learned from with speed and professionalism, often leading responses end-to-end without immediate escalation paths during local hours — and turning what you learn into durable, automated detections. * Conduct Forensic Investigations & Threat Hunt: Dig into complex context to determine whether threats exist, take decisive action and proactively hunt for anomalous activity in our signals, distinguishing outliers from threats. * Lead High-Profile Responses: Collaborate with Security and Engineering to lead responses to major vulnerabilities or platform-wide events. * Collaborate Cross-Functionally: Work with Legal, HR, Executive teams, and external partners (Developers & Customers). You will also travel semi-regularly to the USA to visit HQ, ensuring deep alignment with central engineering and security leadership. YOU HAVE: * Experience: 10+ years across security engineering, Infosec, IT, Infra/SRE, and/or Incident Response. * Specialization: 7+ years specifically in Detection or Response, with a track record of building, writing detections, automation or security tooling, not solely operating. * Engineering Proficiency: Comfortable writing and reviewing production-quality code (Scripting) and building automations, integrations and data pipelines that others depend on. * Autonomous Leadership: Proven ability to work independently in satellite offices or distributed teams. You are comfortable being the "person in charge" during your shift and making calls that impact the business. * Incident Command: Extensive experience operating as an incident commander. You can flex into deep engineering work but also possess the executive presence to coordinate responders and communicate status to leadership. * Investigations: Expert-level capability investigating threats in enterprise and production environments, taking ownership from identification to resolution. * Knowledge/Tools/Techniques: Deep understanding of security tooling (SIEM, EDR, IDS/IPS, NDR, SOAR) and experience extending or building on it. You are proficient in applying Incident Response frameworks (NIST IR Lifecycle, Cyber Kill Chain, MITRE ATT&CK) to real-world scenarios, and you collaborate effectively with engineering colleagues, leveraging extensive expertise across infrastructure and technologies (Public Cloud, OS, Virtualization, Containerization, Networking, Build/Development infrastructure, and Hardware). * Education: Bachelor's degree in Computer Science, Cybersecurity, or a related technical field; advanced degree preferred or equivalent experience. YOU ARE: * A Builder-Operator: You would rather automate a problem out of existence than staff around it and you hold yourself to an engineering bar even under incident pressure. * A Strategic Self-Starter: You don't wait for instructions. You identify gaps in coverage — especially those unique to regional or time-zone-specific challenges — and fix them. * A Detailed Thinker: You enjoy exploring the details and considering the second- and third-order effects of your decisions. * An Eager Problem Solver: You are drawn to complex issues rather than avoidant of them. * Emboldened to Make Change: You instinctively ask what you can do to improve the situation rather than waiting to be prompted. * Compelled by our Mission: You are driven by the opportunity to protect our community and the safe space we've created. * A Calculated Risk Taker: You move fast, navigating reasonable risks to take action and build capabilities as quickly as possible. Roles that are based in an office are onsite Tuesday, Wednesday, and Thursday, with optional presence on Monday and Friday (unless otherwise noted). Roblox provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. Roblox also provides reasonable accommodations to candidates with qualifying disabilities or religious beliefs during the recruiting process. For US based roles only, please note the Company may not be able to employ candidates for this role who have United States work authorization related to certain U.S. visa categories, or support future H-1B sponsorship at this time.
About the role We’re looking for a Senior CIAM Engineer to take ownership of the customer identity layer for high-traffic, customer-facing applications. This role is focused on designing and scaling authentication and authorization systems that directly impact security, user experience, and platform performance. You’ll work closely with engineering, product, and security teams in an environment where identity is a critical part of the business. What you’ll do -Design and implement authentication and authorization flows using OAuth2, OIDC, and SAML -Own and manage Auth0, including Actions, Rules, Hooks, and custom login experiences -Integrate identity across web, mobile, and backend systems -Implement MFA, Adaptive MFA, and bot protection mechanisms -Customize and optimize Universal Login and user journeys -Automate identity configurations using Terraform or similar tools -Lead user migration from legacy systems into modern identity platforms -Troubleshoot and optimize authentication flows using logs and monitoring tools What you bring -7+ years of experience in identity, security, or backend engineering -Deep expertise in OAuth2, OIDC, SAML, and JWT -Strong development skills in JavaScript and Node.js -Experience with REST APIs and secure system-to-system communication -Solid understanding of RBAC, ABAC, and fine-grained authorization -Hands-on experience with Auth0 Nice to have -Auth0 Professional or Expert certification -Experience with AWS, Azure, or GCP -Familiarity with SIEM/SOAR tools such as Splunk or Datadog -Experience with LDAP or Active Directory Location Newark, California Open to candidates who can work in the U.S., including those willing to relocate Why this role -Own the identity architecture for applications at scale -Work hands-on with modern identity technologies in a high-impact environment -Collaborate across engineering, product, and security -Be part of a growing organization where identity is business-critical About Yora Yora is a bold, value-driven tech hub within Sigma, built for experts who want to solve real-world problems with cutting-edge technology. With roots in Gothenburg and ambitions on a global stage, Yora brings together specialists in AI, cloud, cybersecurity, and advanced engineering. We combine entrepreneurial speed with the strength of the Sigma Group and its 5,000+ specialists worldwide. Our culture is built on technical excellence, ownership, and collaboration. Brave thinking. Diverse unity. From Gothenburg to the world.