• Design, implement, and tune high-fidelity detections across cloud, endpoint, SaaS, identity, and application environments • Build and optimize queries, alerts, and correlation logic within our SIEM and EDR platforms • Participate in SOC on-call rotation and serve as escalation point for high-severity incidents • Lead complex investigations across endpoint, cloud, SaaS, and identity environments • Triage and validate high-impact alerts, ensuring consistent investigative rigor and documentation • Conduct proactive threat hunting to identify gaps in detection coverage • Drive continuous improvement of playbooks, runbooks, and case management standards • Build custom security tooling to improve alert enrichment, investigation, and response • Develop integrations between security tools and internal systems via APIs • Automate repetitive investigative workflows and containment actions • Improve signal quality and reduce false positives across the stack • Contribute to guardrails and enforcement mechanisms across cloud and SaaS environments • Serve as the technical escalation point for high-severity incidents • Lead complex investigations and root cause analysis • Improve and mature incident response playbooks and processes • Conduct post-incident analysis and drive systemic improvements • Raise the technical bar within the SOC through mentorship and code/detection review • Establish standards for detection quality and investigation rigor • Partner closely with AppSec, Infrastructure Security, IT, and Engineering • Help shape the SOC and detection engineering roadmap

• SIEM Platform Management • Log Source Integration • Content Development and Optimization • Performance Monitoring and Optimization • Documentation and Reporting • Security Incident Response • Client Engagement and Advisory • Collaboration and Support • Continuous Learning and Threat Awareness

• Monitor security events and logs from a variety of systems and networks in Datadog • Identify potential security incidents and threats • Perform analysis and investigations, correlating events and data to detect security incidents • Develop, document, and evolve processes and procedures for responding to security incidents • Provide technical guidance, training, and support to other members of the security team • Maintain an up-to-date knowledge of security threats, vulnerabilities, and countermeasures • Work independently with customers on implementations and remote services • Troubleshoot basic configuration/script issues • Attend requirements review and validation sessions as needed • Utilize strong written and verbal communication skills • Stay on time and on task with assigned customer work

• Monitor security events and logs from a variety of systems and networks in Datadog • Identify potential security incidents and threats • Perform analysis and investigations, correlating events and data to detect security incidents • Develop, document, and evolve processes and procedures for responding to security incidents • Provide technical guidance, training, and support to other members of the security team • Maintain an up-to-date knowledge of security threats, vulnerabilities, and countermeasures • Work independently with customers on implementations and remote services • Troubleshoot basic configuration/script issues • Attend requirements review and validation sessions as needed • Utilize strong written and verbal communication skills • Stay on time and on task with assigned customer work