Principal Software Engineer for Security (BCDR)

Boston | Norwalk | Remote | Rochester | Toronto

Principal Software Engineer for Security (Business Continuity & Disaster Recovery)

Datto, the world’s leading provider of IT solutions delivered through managed service providers, is looking for a Principal Software Engineer with a passion for security to join our fast paced growing team.

Datto’s Business Continuity and Disaster Recovery (BCDR) products provide block-level backup solutions for physical, virtual, and public cloud based systems. 

In the event of data loss, customers can recover data in a variety of ways including; restoring files or directories, mounting volumes as iSCSI targets or Samba shares, launching a backup as a local or remotely hosted virtual machine, or by redeploying a backup to a production environment.

Datto’s BCDR solution architecture includes agent application and kernel driver software for Windows and Linux, Linux powered backup appliances running on physical hardware and virtualized in public/private clouds, and multiple backend services/APIs powering Datto’s private cloud.

A Look Inside the Job

As the BCDR Principal Software Engineer for Security you will partner with the Datto Application Security team, other BCDR Principal Engineers, and multiple software engineering teams to lead the design and development of Datto’s BCDR solutions with a focus on product security. 

About You

  • You have a passion for security, software engineering, and continuous learning
  • You have excellent communication skills
  • You are a self-starter and thrive in a fast paced environment
  • You offer new ideas and a unique point of view
  • You look forward to collaborating with diverse teams
  • You eagerly seek and give help
  • You are inquisitive and focused, and see every challenge as an opportunity
  • You would rather create the future than wait for it
  • Transparency tops your list of values, and you contribute to a culture of respect and inclusion

In this job you will:

  • Partner with the Datto Security team to champion product security throughout the software development lifecycle
  • Collaborate on the development of technical roadmaps to advance product security
  • Serve as the BCDR product security subject matter expert (SME) and represent Datto in partner calls and escalations related to security
  • Own the remediation of security risk and audit findings related to product architecture
  • Own the implementation of software security models within the BCDR solution
  • Collaborate with Product and Engineering leadership to prioritize security related work
  • Partner with team Security Champions on the evaluation and remediation of vulnerabilities identified by security scanning tools or uncovered by customers, third party researchers, or internal penetration testing
  • Participate in design and code reviews with a focus on security
  • Champion security best practices and serve as a mentor on secure design and coding standards

Required Experience:

  • 8+ years of professional experience developing solutions in an object-oriented language such as Java, PHP, C++, or C# 
  • B.S. or M.S. in Software Engineering, Computer Science, or a related field (or equivalent experience)
  • Strong Computer Science fundamentals in data structures, design patterns, and algorithms
  • Experience with Linux and shell scripting (bash)
  • Strong understanding of:
    • OWASP Top 10 vulnerabilities and common mitigation strategies
    • Vulnerability scoring frameworks such as CVSS and CWSS
    • Authentication and authorization frameworks/standards
    • Threat modeling
  • Experience developing solutions following a secure software development lifecycle based on Agile methodologies
  • Familiar with: 
    • BSIMM or SAMM software security maturity models
    • Static and dynamic application security testing tools 
    • Familiarity with NIST Frameworks

Beneficial Experience:

  • CSSLP or similar security certification
  • Familiarity with hypervisors (VMWare, Hyper-v, VirtualBox, KVM, etc)
  • Familiarity with containerized applications, containerization platforms, and supporting containerization platform software such as a service mesh. 
  • Familiarity with PHP, Apache, Symfony, NGINX, HAproxy, Ubuntu
  • Familiarity with zfs or similar COW filesystems

Note: We are looking for candidates willing to join us directly as W2 employees (No 3rd party candidates)

About Datto

Datto is a creative company at its core and is an exciting and dynamic workplace. We're 100% focused on our managed service provider partners and believe that with the right technology, managed service providers can change how businesses around the world operate. Datto provides data protection, business continuity, networking, business management, and file backup and sync products that empower and protect the clients of our 15,000+ partners. We're headquartered in Norwalk, Connecticut and have 22 offices worldwide.

At Datto, we believe our employees are our greatest asset and offer all full-time employees a wide-ranging benefits package, including:

  • Comprehensive health-care benefits
  • Flexible paid time off policy
  • Free food, drinks, and fresh organic fruit
  • Fitness reimbursement
  • Charity match program
  • Transit subsidy in select cities
  • Education reimbursement
  • Free catered lunch every Friday
  • Gorgeous modern office space
  • And more!

By submitting an application, you acknowledge we will process your data in order to consider you for the position you apply for and for other open positions within our company for which you may be suited.  We collect and store your data in accordance with our Recruiting Privacy Practices.

Datto is an equal opportunity employer.

Principal Software Engineer for Security (BCDR)

Demographic Questions

Individuals seeking employment at Datto are considered without regards to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, or sexual orientation. In order to track the effectiveness of our recruiting efforts and ensure we consider the needs of all our employees, please consider answering the following questions.

Completion is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter and any information that you do provide will be recorded and maintained in a confidential file.

Your responses to any of the following questions will be anonymized and only used to improve Datto’s diversity and inclusion initiatives. These responses will not be used / reviewed in connection with your application for employment.

I identify my gender as:

I identify as transgender:

I consider myself a member of the LGBTQ+ community

I identify my sexual orientation as:

I identify my ethnicity as:

Veteran status:

I have a physical disability:


Sorry, your application was not successfully submitted

Hurray! Your application was successfully submitted

Back to Careers