Senior Security Engineer (Product Security)

+ 1 more | Remote
Apply Now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.
Do you ever wonder what happens inside the cloud?Headquartered in New York but based around the world, DigitalOcean is a dynamic, high-growth technology company that serves a robust and passionate community of developers around the world. Our mission is to simplify cloud computing for every developer. We are working on solving some of the most challenging and interesting technology projects around, on a scale unmatched by most.We want people who are passionate about making the internet a safer place for everyone.

We’re looking for a Senior Product Security Engineer to solve large-scale security challenges while reducing their impact and burden on engineering. We believe application security best enables the enterprise when it integrates into developer lifecycles. Your work will make our million+ customers more secure and will help ensure that DigitalOcean is a respected contributor to the broader security community.

As a member of the Product and Infrastructure Security team, you will report to the Manager of Product Security and collaborate with other security teams and the rest of DigitalOcean to find innovative ways to make the systems we build as safe as possible. Security at DO means solving incredibly complex problems at a high-scale that have real impact for our customers, our products, and for the larger internet community.

What you’ll be doing:

Review architecture and code and provide security guidance (60%)

  • Advise engineers on how to mitigate or avoid web, API, and systems-level vulnerabilities.
  • Collaborate with product managers, designers, and engineers to threat model and architect secure and resilient systems.
  • Review source code against secure coding best practices and contribute security requirements.

Create a paved road for engineers to build securely (20%)

  • Lead the software design and implementation of security services, tools, and libraries to provide secure defaults to the rest of the organization.
  • Promote security remediations in the CI/CD pipeline by building tools and services for engineers to consume.

Cultivate and promote a security culture (20%)

  • Champion an internal security culture (e.g. developer training, internal CTFs, etc.).
  • Help DigitalOcean engineers understand how security events impact them. Do they need to worry about the next Log4j CVE?
What we’ll expect from you

We know you will have a unique combination of skills and don’t expect you to check every box on this list. Below are some of the skills that you have already acquired or will have the opportunity to learn while at DigitalOcean:

Required qualifications:

  • Ability to clearly communicate security topics and vulnerability classes (e.g. OWASP Top Ten) and provide actionable direction to product teams.
  • A record of partnering with internal engineering teams to tackle security problems across an entire stack with empathy and creativity. Engineering teams are our partners, not our adversaries.
  • Hands-on experience in software engineering projects, preferably in languages such as Go, Ruby, Python, C/C++, or JavaScript. You can write robust code with good test coverage and can point to specific examples of projects you’ve successfully delivered in the past.

Preferred qualifications:

  • Working knowledge of modern development concepts (virtualized environments, containerization, continuous integration + delivery), network architecture, and/or system architecture.
  • Experience building or reviewing threat models and ability to craft malicious user, attacker, and abuse/misuse cases.
  • Working knowledge of hardware and software supply chain security.
Why You’ll Like Working for DigitalOcean:
  • We value development. You will work with some of the smartest and most interesting people in the industry. We are a high-performance organization that is always challenging ourselves to continuously grow. We maintain a growth mindset in everything we do and invest deeply in employee development through formalized mentorship, LinkedIn Learning tracks, and other internal programs. We also provide all employees with reimbursement for relevant conferences, training, and education.
  • We care about your physical, financial and mental well-being. We offer competitive health, dental, and vision benefits for employees and their dependents, a monthly gym stipend to support your physical health, and a commute or internet allowance to make your trips to your office or your desk easier. We offer generous parental leave with transition time built-in upon return to work. We offer competitive compensation and a 401k plan with up to a 4% employer match. 
  • We support our remote employee experience. While we have great office spaces in NYC and Cambridge, we’re very distributed—we use a number of communication tools to connect across the company—and all remote employees have the opportunity to visit our offices and meet their teams face-to-face at team offsites. We also have an annual company offsite, Shark Week, to get quality in-person time with the entire company at least once a year. We also allow employees to outfit their workstations to meet their needs—whether remote or in office.
  • We value diversity and inclusivity. We are an equal opportunity employer and we do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

*This is a remote role

For all CO residents, please click here  


#LI-Remote

Department: Security #LI-Remote

 

Department: Security

Want to learn more about our Security team? Clickhere!

Want an inside look into life at DO? Clickhere to hear from our employees!

Read Full Job Description
Apply Now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

Technology we use

  • Engineering
  • Product
  • Sales & Marketing
    • C++Languages
    • GolangLanguages
    • JavascriptLanguages
    • PerlLanguages
    • PythonLanguages
    • RubyLanguages
    • CLanguages
    • RLanguages
    • F#Languages
    • jQuery UILibraries
    • ReactLibraries
    • Ember.jsFrameworks
    • Ruby on RailsFrameworks
    • CassandraDatabases
    • MySQLDatabases
    • PostgreSQLDatabases
    • RedisDatabases
    • ConsulDatabases
    • ZKDatabases
    • Google AnalyticsAnalytics
    • BalsamiqDesign
    • IllustratorDesign
    • InVisionDesign
    • SolidWorksDesign
    • MailChimpEmail
    • MarketoLead Gen

An Insider's view of DigitalOcean

What are some social events your company does?

We host an annual Shark Week where the entire company comes together for a week of learning, team time, opportunities to network cross-functionally, social activities, and more. We also host internal Hackathons (or Shark-a-hacks, as we call them) twice a year along with an annual Shark Day!

Olivia

Senior Manager, People Operations & Analytics

What projects are you most excited about?

I'm really excited about our Managed Databases and App Platform offerings. Getting started on a new project can be hard, let alone the overhead of setting up infrastructure. With our App Platform and Managed Databases, developers can focus their attention on writing code.

Greg

Engineer II

What makes someone successful on your team?

Success on my team is fueled by my team’s mutual respect and trust. My team has given me all of the necessary tools needed to get the job done and I am trusted to contribute to company projects that will transform the business. It is invaluable to be surrounded by a team that is just as committed to my success as I am!

Melonie

People Operations Associate

What is your vision for the company?

DO is in a unique position as the entry point to the internet for 500,000 customers today, and with the potential to reach many millions more over time. We have an incredible opportunity to help the world's developers and entrepreneurs test their ideas, build their business and realize their dreams.

Yancey

CEO

What unique initiatives do you have that encourage innovation?

DigitalOcean sources meetups, conferences, projects, non-profit organizations, student-run hackathons, and individual developers who create useful content. The ethos here is community driven, and based on love, so we go out of our way to support developers and entrepreneurs who are creating meaningful technologies and businesses.

Daniel

Senior Developer Relations Manager

What are DigitalOcean Perks + Benefits

DigitalOcean Benefits Overview

DigitalOcean benefits offerings vary by region. You can expect to enjoy things like:
- Full Health Coverage: Fully paid health benefits for all our employees.
- Commuter Benefits: Local employees receive a monthly metrocard or equivalent reimbursement for remotees
- 401k Plan: It's never too early to start saving. DigitalOcean matches up to 4% of every employee's salary
- Education Support: All employees receive reimbursement for conferences, training or education
- Fitness Reimbursement: Up to $100 per month to support your physical health
- Custom Workstations: Mac? PC? Linux? We’ll hook up your rig with your preferred equipment
- Free Meals In-Office Every Day: Food tastes better when you’re eating together
- Flexible Vacation Time: Take the time you need to live a balanced and fulfilling personal life
- Headphones: Up to $100 for headphones of your choosing
- Teambuilding & Social Events: Hackathons, Shark Week (our annual company retreat), team offsites, anniversary parties and more

Culture
Friends outside of work
Eat lunch together
Intracompany committees
Daily sync
Open door policy
Team owned deliverables
Team based strategic planning
Group brainstorming sessions
Open office floor plan
Diversity
Documented equal pay policy
Highly diverse management team
Mean gender pay gap below 10%
Hiring Practices that Promote Diversity
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
Disability Insurance
Dental Benefits
Vision Benefits
Health Insurance Benefits
Life Insurance
Wellness Programs
Team workouts
DigitalOcean's team fitness initiatives include In-office yoga.
Mental Health Benefits
Retirement & Stock Options Benefits
401(K)
401(K) Matching
Company Equity
Employee Stock Purchase Plan
Performance Bonus
Match charitable contributions
Child Care & Parental Leave Benefits
Generous Parental Leave
Flexible Work Schedule
Remote Work Program
Family Medical Leave
Return-to-work program post parental leave
Vacation & Time Off Benefits
Unlimited Vacation Policy
Generous PTO
DigitalOcean gives employees unlimited PTO
Paid Holidays
Paid Sick Days
Employees receive unlimited days of paid sick leave.
Perks & Discounts
Casual Dress
Commuter Benefits
Company Outings
Free Daily Meals
Our NYC office provides free catered breakfast and lunch Mondays through Fridays
Game Room
Stocked Kitchen
Happy Hours
Happy hours are hosted once per week in the warmer months.
Relocation Assistance
Fitness Subsidies
DigitalOcean reimburses its employees up to $100 per month for fitness services and activities
Professional Development Benefits
Job Training & Conferences
Tuition Reimbursement
Lunch and learns
DigitalOcean hosts lunch and learn meetings weekly.
Cross functional training encouraged
Promote from within
Mentorship program
Continuing Education stipend
Customized development tracks
Paid industry certifications

More Jobs at DigitalOcean

Apply Now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.
Save jobView DigitalOcean's full profileSee more DigitalOcean jobs