Datto, the world’s leading provider of IT solutions delivered through managed service providers, is looking for a Software Engineer with a passion for security to join our fast paced growing team.
A Look Inside the Job
As the security champion for Datto’s BCDR device team, you will partner with our security teams to enhance and protect the software powering Datto’s SIRIS and Alto business continuity and disaster recovery (BCDR) products, ~90K edge devices deployed across all 7 continents.
Datto’s BCDR devices are linux powered backup appliances that perform block-level snapshots of physical, virtual, and public cloud based servers. Backup data is stored as raw disk images in a local ZFS-based disk array.
In the event of data loss, customers can recover data in a variety of ways including; restoring files or directories, mounting volumes as iSCSI targets or Samba shares, launching a backup as a local or remotely hosted virtual machine, or deploying a backup to physical hardware.
- You have a passion for security, software engineering, and continuous learning
- You offer new ideas and a unique point of view
- You look forward to collaborating with diverse teams
- You are a self-starter and thrive in a fast paced environment
- You eagerly seek and give help
- Transparency tops your list of values, and you contribute to a culture of respect and inclusion
- You are inquisitive and focused, and see every challenge as an opportunity
- You would rather create the future than wait for it
- You have excellent communication skills
In this job you will:
- Partner with the Datto Security team to champion security throughout the software development lifecycle
- Collaborate with the Product Owner and the Principal Engineer to prioritize security related work
- Design and implement fixes for vulnerabilities identified by security scanning tools or uncovered by our pentest team
- Participate in design and code reviews with a focus on security
- Design and implement security specific automated testing
- Mentor other software engineers on secure coding practices
- Contribute to the continual improvement of the architecture and code base
- 3+ years of professional experience developing solutions in an object-oriented language such as Java, PHP, C++, or C#
- B.S. or M.S. in Software Engineering, Computer Science, or a related field (or equivalent experience)
- Strong Computer Science fundamentals in data structures, design patterns, and algorithms
- Experience with Linux and shell scripting (bash)
- Solid understanding of the OWASP Top 10 vulnerabilities
- Familiar with static and dynamic application security testing tools (Nessus, Acunetix, RIPS, etc)
- Security+ or similar security certification
- Familiar with vulnerability scoring frameworks such as CVSS
- Understanding of authentication and authorization frameworks/standards
- Familiarity with hypervisors (VMWare, Hyper-v, VirtualBox, KVM, etc)
- Familiarity with PHP, Apache, Symfony, NGINX, Ubuntu
- Familiarity with zfs or similar COW filesystems
- At Datto, we believe our employees are our greatest asset and offer all full-time employees a wide-ranging benefits package, including:
Summary of benefits not showing up? View a summary here: Datto Benefits
By submitting an application, you acknowledge we will process your data in order to consider you for the position you apply for and for other open positions within our company for which you may be suited. We collect and store your data in accordance with our Recruiting Privacy Practices.
Datto is an equal opportunity employer.