Dive in and do the best work of your career at DigitalOcean. Journey alongside a strong community of top talent who are relentless in their drive to build the simplest scalable cloud. If you have a growth mindset, naturally like to think big and bold, and are energized by the fast-paced environment of a true industry disruptor, you’ll find your place here. We value winning together—while learning, having fun, and making a profound difference for the dreamers and builders in the world.
We are seeking a Principal Architect (IC6) to join our Customer Trust & Engineering organization as the technical owner of Audit Logging, SIEM Integration, and Unified Security Visibility. These systems are the eyes and ears of DigitalOcean's security posture — ingesting, normalizing, and surfacing billions of security events across our global, multi-tenant cloud platform so that customers and internal teams can detect threats, investigate incidents, and demonstrate compliance in real time.
As an IC6, you won't just improve existing pipelines — you will define what our audit logging and security visibility platform becomes over the next two to three years, and lead the engineers who build it. You will drive architectural strategy across multiple teams, unify fragmented telemetry into a coherent security data plane, and set the standard for how DigitalOcean thinks about observability and auditability at hyperscale. If you are passionate about distributed systems, high-throughput data pipelines, and building security infrastructure that millions of developers depend on, this is the role for you.
What You'll DoOwn the Platform Vision: Define and drive the multi-year technical roadmap for Audit Logging, SIEM Integration, and Unified Security Visibility — spanning event collection, normalization, enrichment, storage, and customer-facing exposure across DigitalOcean's global cloud platform.
Architect for Hyperscale: Design fault-tolerant, high-throughput audit and telemetry pipelines in Go capable of ingesting and processing billions of security events per day with guaranteed delivery, low latency, and full auditability.
Build Unified Security Visibility: Architect the Unified Security Dashboard and control plane that aggregates signals from threat detection, IAM, network security, and workload protection into a single coherent customer-facing security posture view.
Drive SIEM Integration: Design and deliver first-class integrations with leading SIEM platforms (Splunk, Datadog, Chronicle, Microsoft Sentinel) via standardized log export, streaming APIs, and webhook frameworks — enabling customers to bring their own observability stack without friction.
Evolve the Audit Logging Platform: Lead the redesign of DigitalOcean's audit log infrastructure to support immutable, tamper-evident, compliance-grade event records with fine-grained retention controls, cross-account federation, and real-time streaming access for customers and internal security teams.
Drive Cross-Team Impact: Partner with IAM, Threat Detection, DOKS, Billing, and Platform Engineering to ensure that every product surface emits structured, consistent, high-fidelity security telemetry. Serve as the connective tissue between the security data plane and the broader cloud platform.
Set Engineering Standards: Establish logging schema standards, event taxonomy, and observability engineering practices adopted org-wide. Lead design reviews for changes with cross-cutting platform risk and author RFCs that shape DigitalOcean's technical direction.
Mentor & Grow the Organization: Mentor and develop senior and mid-level engineers across Security Products and adjacent teams. Conduct deep code reviews, model architectural thinking, and build a culture of security-first, observability-native engineering.
- Core Experience: You possess over 10 years of software engineering expertise, including 4+ years dedicated to audit logging, security telemetry, SIEM integration, or managing high-throughput data pipelines within cloud or IaaS ecosystems.
- Language & Architecture: You are an expert in Go and have extensive experience designing gRPC-based microservices.
- Streaming Systems: You have deep, hands-on knowledge of Apache Flink, Apache Kafka, or similar high-volume stream processing frameworks, with a focus on exactly-once semantics, durability, and ordering guarantees.
- Security Observability: You have a proven history of developing security visibility platforms, such as unified control planes, security dashboards, or complex SIEM integrations across diverse cloud environments.
- Compliance & Distributed Systems: You understand audit requirements for frameworks like SOC 2, ISO 27001, FedRAMP, and PCI-DSS. You can build large-scale systems handling replication, consensus, and partitioning with high reliability.
- Cloud-Native Stack: You are proficient with Kubernetes, Terraform (IaC), SQL (MySQL), and analytical or columnar data stores.
- Leadership & Communication: You have a track record of leading ambiguous, cross-functional platform initiatives. You write effective RFCs and can articulate architectural strategies to senior leadership while aligning teams toward a unified goal.
- Experience with OpenTelemetry, OCSF (Open Cybersecurity Schema Framework), or other security telemetry standards
- Familiarity with threat detection platforms, behavioral analytics, or UEBA systems
- Experience building customer-facing security dashboards or compliance reporting tools
- Contributions to open-source security, observability, or data pipeline projects
- $235,200 - $294,000
*This is a hybrid role
JR: 2026-7826
#LI-Hybrid
- We innovate with purpose. You’ll be a part of a cutting-edge technology company with an upward trajectory, who are proud to simplify cloud and AI so builders can spend more time creating software that changes the world. As a member of the team, you will be a Shark who thinks big, bold, and scrappy, like an owner with a bias for action and a powerful sense of responsibility for customers, products, employees, and decisions.
- We prioritize career development. At DO, you’ll do the best work of your career. You will work with some of the smartest and most interesting people in the industry. We are a high-performance organization that will always challenge you to think big. Our organizational development team will provide you with resources to ensure you keep growing. We provide employees with reimbursement for relevant conferences, training, and education. All employees have access to LinkedIn Learning's 10,000+ courses to support their continued growth and development.
- We care about your well-being. Regardless of your location, we will provide you with a competitive array of benefits to support you from our Employee Assistance Program to Local Employee Meetups to flexible time off policy, to name a few. While the philosophy around our benefits is the same worldwide, specific benefits may vary based on local regulations and preferences.
- We reward our employees. The salary range for this position is based on market data, relevant years of experience, and skills. You may qualify for a bonus in addition to base salary; bonus amounts are determined based on company and individual performance. We also provide equity compensation to eligible employees, including equity grants upon hire and the option to participate in our Employee Stock Purchase Program.
- DigitalOcean is an equal-opportunity employer. We do not discriminate on the basis of race, religion, color, ancestry, national origin, caste, sex, sexual orientation, gender, gender identity or expression, age, disability, medical condition, pregnancy, genetic makeup, marital status, or military service.
Application Limit: You may apply to a maximum of 3 positions within any 180-day period. This policy promotes better role-candidate matching and encourages thoughtful applications where your qualifications align most strongly.
Skills Required
- 10+ years software engineering experience, including 4+ years in audit logging, security telemetry, SIEM integration, or high-throughput cloud data pipelines
- Expert in Go
- Extensive experience designing gRPC-based microservices
- Deep, hands-on knowledge of Apache Flink, Apache Kafka, or similar stream processing frameworks (exactly-once semantics, durability, ordering)
- Proven history developing security visibility platforms, unified control planes, or complex SIEM integrations
- Understanding of audit/compliance frameworks (SOC 2, ISO 27001, FedRAMP, PCI-DSS)
- Proficient with Kubernetes
- Proficient with Terraform (IaC)
- Proficient with SQL (MySQL)
- Experience with analytical or columnar data stores
- Track record leading ambiguous, cross-functional platform initiatives; writing RFCs and articulating architectural strategy
- Experience mentoring and developing senior and mid-level engineers; conducting deep code reviews
- Experience with OpenTelemetry or OCSF (security telemetry standards)
- Familiarity with threat detection platforms, behavioral analytics, or UEBA systems
- Experience building customer-facing security dashboards or compliance reporting tools
- Contributions to open-source security, observability, or data pipeline projects
DigitalOcean Compensation & Benefits Highlights
-
Healthcare Strength — Health coverage includes medical, dental, vision, and mental-health support plus employer-paid life/AD&D/disability, with multiple plan options and above-average employer contributions. Offerings are described as market-leading and in some cases fully paid to keep premiums low.
-
Equity Value & Accessibility — Equity awards (new-hire and performance RSUs) are paired with an Employee Stock Purchase Plan offered at a discount. This ownership component augments cash compensation and broadens participation in company growth.
-
Parental & Family Support — Paid parental leave is provided for a defined period and includes a structured, part-time transition-back program. The approach emphasizes a smoother return-to-work experience for new parents.
DigitalOcean Insights
What We Do
DigitalOcean is the Inference Cloud — a full-stack, production-ready cloud platform built to run AI applications with predictable performance, sustainable economics, and radically simpler operations at scale. We are built for teams turning AI into real products — not just training models. Our advantage is not fewer features, but fewer failure modes when operating AI at scale — combining minimal operational overhead, predictable cost efficiency, and a full-stack cloud that works as a system. Hyperscalers are broad by design. Neoclouds are infrastructure-first. DigitalOcean is inference-first — with a real cloud underneath. It combines inference-optimized compute, managed inference software, and integrated cloud capabilities that reduce operational burden for teams running real workloads. Inference is the foundation—not the boundary. Everything else builds on top of it.
Why Work With Us
At DO, we do career-defining work. We innovate with AI and build cutting-edge tech. Our rewards to match that intensity - to motivate you, recognize your impact, and give you what you need to thrive. If you have a growth mindset, like to think big and bold, and are energized by the fast-paced environment, you'll find your place here.
Gallery
DigitalOcean Offices
Remote Workspace
Employees work remotely.
We commit to both remote work and in-person collaboration. These ways of working are dependent on specific roles and are mutually agreed upon by employees. In the US, we are mainly remote. In our APAC locations, we have a hybrid in-office approach.
