Principal Software Engineer - BCDR Product Security

Job Description

Principal Software Engineer for Security (Business Continuity & Disaster Recovery)
Datto, the worlds leading provider of IT solutions delivered through managed service providers, is looking for a Principal Software Engineer with a passion for security to join our fast paced growing team.
Dattos Business Continuity and Disaster Recovery (BCDR) products provide block-level backup solutions for physical, virtual, and public cloud based systems.
In the event of data loss, customers can recover data in a variety of ways including; restoring files or directories, mounting volumes as iSCSI targets or Samba shares, launching a backup as a local or remotely hosted virtual machine, or by redeploying a backup to a production environment.
Dattos BCDR solution architecture includes agent application and kernel driver software for Windows and Linux, Linux powered backup appliances running on physical hardware and virtualized in public/private clouds, and multiple backend services/APIs powering Dattos private cloud.
A Look Inside the Job
As the BCDR Principal Software Engineer for Security you will partner with the Datto Application Security team, other BCDR Principal Engineers, and multiple software engineering teams to lead the design and development of Dattos BCDR solutions with a focus on product security.
About You
You have a passion for security, software engineering, and continuous learning
You have excellent communication skills
You are a self-starter and thrive in a fast paced environment
You offer new ideas and a unique point of view
You look forward to collaborating with diverse teams
You eagerly seek and give help
You are inquisitive and focused, and see every challenge as an opportunity
You would rather create the future than wait for it
Transparency tops your list of values, and you contribute to a culture of respect and inclusion
In this job you will:
Partner with the Datto Security team to champion product security throughout the software development lifecycle
Collaborate on the development of technical roadmaps to advance product security
Serve as the BCDR product security subject matter expert (SME) and represent Datto in partner calls and escalations related to security
Own the remediation of security risk and audit findings related to product architecture
Own the implementation of software security models within the BCDR solution
Collaborate with Product and Engineering leadership to prioritize security related work
Partner with team Security Champions on the evaluation and remediation of vulnerabilities identified by security scanning tools or uncovered by customers, third party researchers, or internal penetration testing
Participate in design and code reviews with a focus on security
Champion security best practices and serve as a mentor on secure design and coding standards
Required Experience:
8+ years of professional experience developing solutions in an object-oriented language such as Java, PHP, C++, or C#
B.S. or M.S. in Software Engineering, Computer Science, or a related field (or equivalent experience)
Strong Computer Science fundamentals in data structures, design patterns, and algorithms
Experience with Linux and shell scripting (bash)
Strong understanding of:
OWASP Top 10 vulnerabilities and common mitigation strategies
Vulnerability scoring frameworks such as CVSS and CWSS
Authentication and authorization frameworks/standards
Threat modeling
Experience developing solutions following a secure software development lifecycle based on Agile methodologies
Familiar with:
BSIMM or SAMM software security maturity models
Static and dynamic application security testing tools
Familiarity with NIST Frameworks
Beneficial Experience:
CSSLP or similar security certification
Familiarity with hypervisors (VMWare, Hyper-v, VirtualBox, KVM, etc)
Familiarity with containerized applications, containerization platforms, and supporting containerization platform software such as a service mesh.
Familiarity with PHP, Apache, Symfony, NGINX, HAproxy, Ubuntu
Familiarity with zfs or similar COW filesystems
Note: We are looking for candidates willing to join us directly as W2 employees (No 3rd party candidates)

Work in United States
Employment Options
Base Salary

200,000 - 250,000 USD

Academic Degree
Professional Experience
  • C++
  • PHP
  • Java
  • NIST
  • Threat Modelling
  • Linux
  • VMWare
  • SDLC
  • Agile
  • Product Security
Apply to Job


Company Name

Datto, Inc

Company Details

View Datto, Inc details


David Feligno

Senior Technical Recruiter

Rochester, New York, United States

View Details

Recruiter Contacts

(619) 507-8124