Full details on LinkedIn
The complete job description, requirements, and application details are available on the original posting.
View Full Job Details on LinkedInAbout DataRobot
DataRobot is an enterprise AI platform company based in Boston, Massachusetts, founded in 2012. The company focuses on making AI and machine learning accessible and impactful for businesses. Co-founded by Jeremy Achin and Tom DeGodoy, DataRobot addresses the shortage of skilled data scientists with its AutoML tool, which accelerates model building for users of varying expertise. The company offers a comprehensive AI platform that automates the entire machine learning lifecycle, from data preparation to deployment and monitoring. Key features include AutoML, an enterprise AI suite that supports generative and predictive AI, and user-friendly tools for collaboration and scaling AI. DataRobot serves over 1,000 organizations globally, including a third of Fortune 50 companies across various sectors such as healthcare, banking, and manufacturing. Its mission is to maximize business impact while minimizing risk, empowering teams with collaborative workflows and governance.
Security at DataRobot
Compiled from job postings & company intelligence
Security Philosophy
“DataRobot's stated AppSec mission is that their "multi-layered security program ensures compliance with industry standards". Their approach to working with developers is "focusing on business enablement". Their risk philosophy includes "automated compliance testing and one-click documentation". A stated goal is to "Implement a Human Feedback Loop". Information is not publicly available for an explicit, public "AppSec mission statement"authored by the AppSec team, or any public document describing a developer-facing "paved road"or explicit gatekeeping policy.”
Security Team
Regarding organizational structure, "a CISO has a seat at the executive-level during strategic or business discussions". The key public-facing leader is Andrew Smeaton, Chief Information Security Officer, who is "focusing on business enablement". Team size estimates and active AppSec job postings are not publicly available. Common skill/tool patterns observed include "Guard Library"for model/messaging protections, "automated compliance testing"and "observability"features, and API security where "All API communications are secured using TLS 1.3". There is no public org chart, no public list of AppSec leaders beyond the CISO, and no public headcount or active AppSec hiring list discovered.
Key Initiatives
There is no public evidence of a named Security Champions program. Regarding "Shift Left"practices, DataRobot "activates comprehensive observability, intervention, and moderation with just two lines of code"and "prompts are evaluated using configured guards in parallel". For vulnerability management intake, "We regularly perform penetration testing using a trusted third party"and conduct "annual external audits". Information on triage/remediation (SLAs, MTTR, ticketing ownership) is not publicly available. Secure SDLC artifacts include "security awareness training for employees"and "role-based access control". A recent initiative (last 6 months) is to "Deploy secure, compliant agentic AI on-prem and air-gapped". There are no public, AppSec-team-authored runbooks or public triage SLAs, and no public detailed vulnerability-to-ticket workflows identified.
Preparing for an AppSec interview?
Get the weekly briefing 2,000+ security pros trust.
Interested in this role?
Apply on LinkedIn