Job Description:

　　DataRobot is the leader in Value-Driven AI, a unique and collaborative approach to generative and predictive AI that combines an open platform, deep expertise and broad use-case experience to improve how organizations run, grow and optimize their business. The DataRobot AI Platform is the only complete AI lifecycle platform that interoperates with an organization’s existing investments in data, applications and business processes, and can be deployed on prem or on any cloud environment. Global organizations, including 40% of the Fortune 50, rely on DataRobot to drive greater impact and value from AI.

　　DataRobot is the leader in Value-Driven AI, a unique and collaborative approach to generative and predictive AI that combines an open platform, deep expertise and broad use-case experience to improve how organizations run, grow and optimize their business. The DataRobot AI Platform is the only complete AI lifecycle platform that interoperates with an organization’s existing investments in data, applications and business processes, and can be deployed on prem or on any cloud environment. Global organizations, including 40% of the Fortune 50, rely on DataRobot to drive greater impact and value from AI.

　　DataRobot is seeking to hire an experienced Product Security Engineer that has a strong understanding of application security, container security, and secure software development. This is a highly technical role with plenty of opportunities to drive change and influence security across the whole organization.

　　Key Responsibilities:

　　Build out and own our third party bug bounty program

　　Identify, design and implement technical security measures and controls to safeguard production environments and workloads.

　　Perform threat modeling, security tabletop exercises, and risk assessments to prioritize security risks based on their potential impact.

　　Serve as a subject matter expert and consult with / train internal teams on application security best practices and standards.

　　Work with external security researchers, internal teams, and liaise with third-party vendors to identify and address product vulnerabilities.

　　Develop automation to implement and manage security tooling.

　　Key Relationships:

　　The position will be responsible for communicating with internal and external parties.

　　Knowledge, Skills and Abilities:

　　Strong application security background and knowledge of secure coding practices and common vulnerabilities (e.g. OWASP Top 10)

　　Experience developing threat models for new project features and ability to provide meaningful security feedback to engineering teams

　　Proven experience running bug bounty programs and third party penetration tests

　　Familiarity with common web application and security testing tools for SAST, DAST, and IAST analysis such as Semgrep, Trivy, Burp Suite, and Zap

　　Experience with secure development frameworks (e.g. Sigstore, SLSA, BSIMM)

　　Fluent writing code using Python or Golang and performing secure code reviews

　　Strong communication and leadership skills for guiding teams and liaising with various stakeholders.

　　Preferred

　　Experience securing and using container based technology

　　Experience securing cloud-based services and infrastructure across the major cloud providers (AWS, Azure, GCP)

　　Hands-on experience using IaC tools such as Terraform for managing cloud resources

　　Familiarity with common regulatory compliance requirements (e.g., ISO-27001, SOC2, HIPAA, GDPR) and experience in implementing security controls to meet these standards.

　　Requisite Education and Experience / Minimum Qualifications:

　　Bachelor's or Master's degree in Computer Science, Cybersecurity, Information Systems, or a related field

　　8+ years experience working in product security roles, preferably at SaaS companies or cloud-based environments

　　Experience leading security projects and initiatives, as well as managing cross-functional teams in a security context.

　　The talent and dedication of our employees are at the core of DataRobot’s journey to be an iconic company. We strive to attract and retain the best talent by providing competitive pay and benefits with our employees’ well-being at the core. Here’s what your benefits package may include depending on your location and local legal requirements: Medical, Dental & Vision Insurance, Flexible Time Off Program, Paid Holidays, Paid Parental Leave, Global Employee Assistance Program (EAP) and more!

　　DataRobot Operating Principles:

　　Wow Our Customers

　　Set High Standards

　　Be Better Than Yesterday

　　Be Rigorous

　　Assume Positive Intent

　　Have the Tough Conversations

　　Be Better Together

　　Debate, Decide, Commit

　　Deliver Results

　　Overcommunicate

　　Research shows that many women only apply to jobs when they meet 100% of the qualifications while many men apply to jobs when they meet 60%. At DataRobot we encourage ALL candidates, especially women, people of color, LGBTQ+ identifying people, differently abled, and other people from marginalized groups to apply to our jobs, even if you do not check every box. We’d love to have a conversation with you and see if you might be a great fit.

　　All U.S. DataRobot employees must be fully vaccinated against COVID-19. If there is a medical, religious, or other legally protected reason that prevents you from receiving an available COVID-19 vaccination, and you are selected as a candidate for consideration, we have a process in place to evaluate requests for accommodation.

　　DataRobot is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. DataRobot is committed to working with and providing reasonable accommodations to applicants with physical and mental disabilities. Please see the United States Department of Labor’s EEO poster and EEO poster supplement for additional information.

　　All applicant data submitted is handled in accordance with our Applicant Privacy Policy (https://www.datarobot.com/privacy/applicantpolicy/) .

　　DataRobot is the AI Cloud leader, delivering a unified platform for all users, all data types, and all environments to accelerate delivery of AI to production. Trusted by global customers across industries and verticals, including a third of the Fortune 50, delivering over a trillion predictions for leading companies globally.

　　DataRobot has become aware of scams involving false offers of DataRobot employment. The scams and false offers use imposter websites, email addresses, text messages, and other fraudulent means. None of these offers are legitimate, and DataRobot’s recruiting process never involves conducting interviews via instant messages, nor requires candidates to purchase products or services, or to process payments on our behalf. Please note that DataRobot does not ask for money in its recruitment process. DataRobot is committed to providing a safe and secure environment for all job applicants. We encourage all job seekers to be vigilant and protect themselves against recruitment scams by verifying the legitimacy of any job offer before providing personal information or paying any fees. Communication from our company will be sent from a verified email address using the @ datarobot.com email domain. If you receive any suspicious emails or messages claiming to be from DataRobot, please do not respond.

　　Thank you for your interest in DataRobot, and we look forward to receiving your application through our official channels.

　　Don't see the dream job you are looking for? Drop off your contact information and resume and we will reach out to you if we find the perfect fit!