HN Jobs

Senior Application Security Engineer DataDog -----How Do I Apply----- * Send me an email with your resume and GitHub at kh@datadoghq.com -----What you will do----- * Perform code and design reviews, contribute code that improves security throughout Datadog's products * Educate your fellow engineers about security in code and infrastructure * Monitor production applications for anomalous activity * Prioritize and track application security issues across the company * Help improve our security policies and processes -----Who you should be----- * You have significant experience with network and application security * You can navigate the whole stack in pursuit of potential security issues * You want to work in a fast, high growth startup environment -----Bonus points----- * You contribute to security projects * You're comfortable with python, go and javascript. (You won't find any PHP or Java here :D) * CTF experience (I recommend you play with OpenToAll if you don't have any) * Program analysis knowledge -----Sample interview questions----- * Flip to a page of WAHH, TAOSSA, CryptoPals, ask you about it. * Explain these acronyms DEP/ASLR/GS/CFI/AFL/ASAN/LLVM/ROP/COOP/RAP/ECB/CBC/CTR/HPKP/SSL/DNS/IP/HTTP/HMAC/GCM/Z3/SMT/SHA/CSRF/SQLi/DDoS/MAC/DAC/BREACH/CRIME? * How would you implement TCP using UDP sockets? * How do you safely store a password? (Hint: scrypt/bcrypt/pbkdf2) * How do you fake a referer header? (Hint: Flash objects, meta tags etc.) * What's an open-redirect? (Hint: WAHH) * How does Let's Encrypt work? I personally applied because I love Python but I like the company a lot so far.