Have you ever wondered what happens inside the cloud?
Based in New York, DigitalOcean is a dynamic, high-growth technology company that serves a robust & passionate community of developers, teams, & businesses around the world. We believe that todays entrepreneurs are changing the world through software. Our mission is to empower these entrepreneurs by bringing modern app development within reach for any developer, anywhere in the world.
We want people who are passionate about making the internet a safer place for everyone.
We're looking for a Senior Product Security Engineer to solve large-scale, across-the-stack, security challenges in our products & infrastructure. Your work will make our million+ customers & tens of thousands of hypervisors more secure, & will help ensure that DigitalOcean is a respected contributor to the broader security community.
You'll report to the Director of Product & Infrastructure Security & will work with the rest of DigitalOcean to find innovative ways to make the systems we build as safe as possible. Your technical contributions could include building central systems for the rest of DigitalOcean engineering to use, developing new testing tools for internal or external deployment, supporting large transformation projects, & advising other teams on the best ways to handle new vulnerabilities.
Our customers trust us with their data & operations, & we take that responsibility seriously. Security at DO means solving incredibly complex problems at a high-scale that have real impact for our customers, our products, & for the larger internet community.
What Youll Be Doing:
- Identify systemic problems in our environment, then shepherd developing & deploying security capabilities at scale, using languages such as Go & Ruby, & tools such as Kubernetes, Docker, & Chef.
- Partner with product teams to make sure that we deliver an excellent & secure workflow spanning development, deployment, & production monitoring.
- Participate in architecture reviews to identify risks in new systems & prioritize remediation work.
- Review & triage results coming from existing controls (e.g. bug bounties, image reviews, 3rd party contributors, etc.). Optimize these systems as necessary.
- Advise engineering teams on how to best address vulnerabilities in our environment.
- Coordinate with our SOC to improve the scope of our production monitoring.
- Participate in outreach to our engineers (e.g. developer training, office hours, internal CTFs).
What Well Expect From You:
- Strong communication skills, both written & verbal.
- A habit of approaching security problems with creativity & flexibility that takes the entire stack into consideration.
- Demonstrable experience securing large scale environments under very active development.
- Demonstrable experience collaborating with internal engineering teams.
- Working knowledge of modern development concepts (virtualized environments, continuous integration & delivery, containerization), network architecture, & system architecture.
- Software engineering experience (you can write robust code with good test coverage & can point to specific examples of projects youve successfully delivered in the past).
- Expertise with at least one of the following languages:
Go, Ruby, Python, C/C++
- Experience with appsec (Static/dynamic) & collaborating with developers to drive improvements.
Why Youll Like Working for DigitalOcean:
- We value development. You will work with some of the smartest & most interesting people in the industry. We are a high-performance organization that is always challenging ourselves to continuously grow. We maintain a growth mindset in everything we do & invest deeply in employee development through formalized mentorship, LinkedIn Learning tracks, & other internal programs. We also provide all employees with reimbursement for relevant conferences, training, & education.
- We care about your physical, financial & mental well-being. We offer competitive health, dental, & vision benefits for employees & their dependents, a monthly gym reimbursement to support your physical health, & a commute or internet allowance to make your trips to your office or your desk easier. We offer generous parental leave with transition time built-in upon return to work. We offer competitive compensation & a 401k plan with up to a 4% employer match.
- We support our remote employee experience. While we have great office spaces in NYC, Cambridge & Palo Alto, were very distributedwe use a number of communication tools to connect across the companyand all remote employees have the opportunity to visit our offices & meet their teams face-to-face at team offsites. We also have an annual company offsite, Shark Week, to get quality in-person time with the entire company at least once a year. We also allow employees to outfit their workstations to meet their needswhether remote or in office.
- We value diversity & inclusivity. We are an equal opportunity employer & we do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
Department: Security #LI-Remote
Want to learn more about our Security team? Click here!
Want an inside look into life at DO? Click here to hear from our employees!