* Send me an email with your resume and GitHub at kh@datadoghq.com
-----What you will do-----
* Perform code and design reviews, contribute code that improves security throughout Datadog's products
* Educate your fellow engineers about security in code and infrastructure
* Monitor production applications for anomalous activity
* Prioritize and track application security issues across
the company
* Help improve our security policies and processes
-----Who you should be-----
* You have significant experience with network and application security
* You can navigate the whole stack in pursuit of potential security issues
* You want to work in a fast, high growth startup environment
-----Bonus points-----
* You contribute to security projects
* You're comfortable with python, go and javascript. (You won't find any PHP or Java here :D)
* CTF experience (I recommend you play with OpenToAll if you don't have any)
* Program analysis knowledge
-----Sample interview questions-----
* Flip to a page of WAHH, TAOSSA, CryptoPals, ask you about it.
* Explain these acronyms DEP/ASLR/GS/CFI/AFL/ASAN/LLVM/ROP/COOP/RAP/ECB/CBC/CTR/HPKP/SSL/DNS/IP/HTTP/HMAC/GCM/Z3/SMT/SHA/CSRF/SQLi/DDoS/MAC/DAC/BREACH/CRIME?
* How would you implement TCP using UDP sockets?
* How do you safely store a password? (Hint: scrypt/bcrypt/pbkdf2)
* How do you fake a referer header? (Hint: Flash objects, meta tags etc.)
* What's an open-redirect? (Hint: WAHH)
* How does Let's Encrypt work?
I personally applied because I love Python but I like the company a lot so far.
DataDog
-----How Do I Apply-----
* Send me an email with your resume and GitHub at kh@datadoghq.com
-----What you will do-----
* Perform code and design reviews, contribute code that improves security throughout Datadog's products
* Educate your fellow engineers about security in code and infrastructure
* Monitor production applications for anomalous activity
* Prioritize and track application security issues across the company
* Help improve our security policies and processes
-----Who you should be-----
* You have significant experience with network and application security
* You can navigate the whole stack in pursuit of potential security issues
* You want to work in a fast, high growth startup environment
-----Bonus points-----
* You contribute to security projects
* You're comfortable with python, go and javascript. (You won't find any PHP or Java here :D)
* CTF experience (I recommend you play with OpenToAll if you don't have any)
* Program analysis knowledge
-----Sample interview questions-----
* Flip to a page of WAHH, TAOSSA, CryptoPals, ask you about it.
* Explain these acronyms DEP/ASLR/GS/CFI/AFL/ASAN/LLVM/ROP/COOP/RAP/ECB/CBC/CTR/HPKP/SSL/DNS/IP/HTTP/HMAC/GCM/Z3/SMT/SHA/CSRF/SQLi/DDoS/MAC/DAC/BREACH/CRIME?
* How would you implement TCP using UDP sockets?
* How do you safely store a password? (Hint: scrypt/bcrypt/pbkdf2)
* How do you fake a referer header? (Hint: Flash objects, meta tags etc.)
* What's an open-redirect? (Hint: WAHH)
* How does Let's Encrypt work?
I personally applied because I love Python but I like the company a lot so far.