Principal Software Engineer for Security (Business Continuity & Disaster Recovery)
Datto, the world’s leading provider of IT solutions delivered through managed service providers, is looking for a Principal Software Engineer with a passion for security to join our fast paced growing team.
Datto’s Business Continuity and Disaster Recovery (BCDR) products provide block-level backup solutions for physical, virtual, and public cloud based systems.
In the event of data loss, customers can recover data in a variety of ways including; restoring files or directories, mounting volumes as iSCSI targets or Samba shares, launching a backup as a local or remotely hosted virtual machine, or by redeploying a backup to a production environment.
Datto’s BCDR solution architecture includes agent application and kernel driver software for Windows and Linux, Linux powered backup appliances running on physical hardware and virtualized in public/private clouds, and multiple backend services/APIs powering Datto’s private cloud.
A Look Inside the Job
As the BCDR Principal Software Engineer for Security you will partner with the Datto Application Security team, other BCDR Principal Engineers, and multiple software engineering teams to lead the design and development of Datto’s BCDR solutions with a focus on product security.
- You have a passion for security, software engineering, and continuous learning
- You have excellent communication skills
- You are a self-starter and thrive in a fast paced environment
- You offer new ideas and a unique point of view
- You look forward to collaborating with diverse teams
- You eagerly seek and give help
- You are inquisitive and focused, and see every challenge as an opportunity
- You would rather create the future than wait for it
- Transparency tops your list of values, and you contribute to a culture of respect and inclusion
In this job you will:
- Partner with the Datto Security team to champion product security throughout the software development lifecycle
- Collaborate on the development of technical roadmaps to advance product security
- Serve as the BCDR product security subject matter expert (SME) and represent Datto in partner calls and escalations related to security
- Own the remediation of security risk and audit findings related to product architecture
- Own the implementation of software security models within the BCDR solution
- Collaborate with Product and Engineering leadership to prioritize security related work
- Partner with team Security Champions on the evaluation and remediation of vulnerabilities identified by security scanning tools or uncovered by customers, third party researchers, or internal penetration testing
- Participate in design and code reviews with a focus on security
- Champion security best practices and serve as a mentor on secure design and coding standards
- 8+ years of professional experience developing solutions in an object-oriented language such as Java, PHP, C++, or C#
- B.S. or M.S. in Software Engineering, Computer Science, or a related field (or equivalent experience)
- Strong Computer Science fundamentals in data structures, design patterns, and algorithms
- Experience with Linux and shell scripting (bash)
- Strong understanding of:
- OWASP Top 10 vulnerabilities and common mitigation strategies
- Vulnerability scoring frameworks such as CVSS and CWSS
- Authentication and authorization frameworks/standards
- Threat modeling
- Experience developing solutions following a secure software development lifecycle based on Agile methodologies
- Familiar with:
- BSIMM or SAMM software security maturity models
- Static and dynamic application security testing tools
- Familiarity with NIST Frameworks
- CSSLP or similar security certification
- Familiarity with hypervisors (VMWare, Hyper-v, VirtualBox, KVM, etc)
- Familiarity with containerized applications, containerization platforms, and supporting containerization platform software such as a service mesh.
- Familiarity with PHP, Apache, Symfony, NGINX, HAproxy, Ubuntu
- Familiarity with zfs or similar COW filesystems
Note: We are looking for candidates willing to join us directly as W2 employees (No 3rd party candidates)
Datto is a creative company at its core and is an exciting and dynamic workplace. We're 100% focused on our managed service provider partners and believe that with the right technology, managed service providers can change how businesses around the world operate. Datto provides data protection, business continuity, networking, business management, and file backup and sync products that empower and protect the clients of our 15,000+ partners. We're headquartered in Norwalk, Connecticut and have 22 offices worldwide.
At Datto, we believe our employees are our greatest asset and offer all full-time employees a wide-ranging benefits package, including:
- Comprehensive health-care benefits
- Flexible paid time off policy
- Free food, drinks, and fresh organic fruit
- Fitness reimbursement
- Charity match program
- Transit subsidy in select cities
- Education reimbursement
- Free catered lunch every Friday
- Gorgeous modern office space
- And more!
By submitting an application, you acknowledge we will process your data in order to consider you for the position you apply for and for other open positions within our company for which you may be suited. We collect and store your data in accordance with our Recruiting Privacy Practices.
Datto is an equal opportunity employer.