Staff Software Engineer (Security)

Datto, Rochester, NY, United States

The Total Data Protection Company

Datto, the world’s leading provider of IT solutions delivered through managed service providers, is looking for a Staff Software Engineer with a passion for security to join our fast paced growing team.

A Look Inside the Job

As the security champion for Datto’s BCDR agents team, you will partner with our security teams to enhance and protect the software that backs up data from our customer’s computers, 300K machines across all 7 continents.

The Datto BCDR agent is an application that runs in the user space and kernel space of the OS driver stack to perform block-level backups of physical, virtual, and public cloud based servers. Backup data is stored as raw disk images in a local ZFS-based disk array.

In the event of data loss, customers can recover data in a variety of ways including; restoring files or directories, mounting volumes as iSCSI targets or Samba shares, launching a backup as a local or remotely hosted virtual machine, or deploying a backup to physical hardware.

About You

  • You have a passion for security, software engineering, and continuous learning
  • You offer new ideas and a unique point of view
  • You look forward to collaborating with diverse teams
  • You are a self-starter and thrive in a fast paced environment
  • You eagerly seek and give help
  • Transparency tops your list of values, and you contribute to a culture of respect and inclusion
  • You are inquisitive and focused, and see every challenge as an opportunity
  • You would rather create the future than wait for it
  • You have excellent communication skills

In this job you will:

  • Partner with the Datto Security team to champion security throughout the software development lifecycle
  • Collaborate with the Product Owner and the Principal Engineer to prioritize security related work
  • Design and implement fixes for vulnerabilities identified by security scanning tools or uncovered by our pentest team 
  • Participate in design and code reviews with a focus on security
  • Design and implement security specific automated testing
  • Mentor other software engineers on secure coding practices
  • Contribute to the continual improvement of the architecture and code base

Required Experience:

  • 3+ years of professional experience developing solutions in C++ and/or C 
  • B.S. or M.S. in Software Engineering, Computer Science, or a related field (or equivalent experience)
  • Strong Computer Science fundamentals in data structures, design patterns, and algorithms
  • Experience with the Microsoft storage stack, including the Volume Shadow Copy Service
  • Solid understanding of the OWASP Top 10 vulnerabilities
  • Familiar with static and dynamic application security testing tools (Nessus, Acunetix, RIPS, etc)

Beneficial Experience:

  • Security+ or similar security certification
  • Familiar with vulnerability scoring frameworks such as CVSS
  • Understanding of authentication and authorization frameworks/standards
  • Familiarity with hypervisors (VMWare, Hyper-v, VirtualBox, KVM, etc)
  • Familiarity with PHP, Apache, Symfony, NGINX, Ubuntu
  • Familiarity with zfs or similar COW filesystems


At Datto, we believe our employees are our greatest asset and offer all full-time employees a wide-ranging benefits package, including:

  • Comprehensive health-care benefits
  • Flexible paid time off policy
  • Charity match program
  • Transit subsidy in select cities
  • Education reimbursement
  • And more!

By submitting an application, you acknowledge we will process your data in order to consider you for the position you apply for and for other open positions within our company for which you may be suited.  We collect and store your data in accordance with our Recruiting Privacy Practices.

Datto is an equal opportunity employer.


About Datto

About us Datto protects business data and provides secure connectivity for tens of thousands of the world's fastest growing companies. Datto's Total Data Protection solutions deliver uninterrupted access to business data on site, in transit and in the cloud. Thousands of IT service providers globally rely on Datto's combination of pioneering technology and dedicated services to ensure businesses are always on, no matter what. Datto is headquartered in Norwalk, Connecticut and has offices in Rochester, Boston, Portland, Toronto, London, Singapore and Sydney. Learn more at www.datto.com.

Want to learn more about Datto? Visit Datto's website.