Senior Infrastructure Security Engineer

Do you ever wonder what happens inside the cloud?
DigitalOcean (NYSE: DOCN) simplifies cloud computing so builders can spend more time creating software that changes the world. With our mission-critical infrastructure and fully managed offerings, DigitalOcean enables startups and small and medium-sized businesses (SMBs) to rapidly deploy and scale modern applications. As a remote-first organization, our employees, like our customers, are based around the world.
We want people who are passionate about making the internet a safer place for everyone.
We are looking for an inspired and motivated technical contributor to join the DigitalOcean Security Organization as an Infrastructure Security Engineer. Reporting to the Infrastructure Security Manager, the Infrastructure Security Engineer will be a key member of DigitalOcean's security team, charged with playing an integral part in improving the security posture of DigitalOcean, ensuring a secure cloud infrastructure for both internal users and customers.
Grow your skills and level up your career by joining a fast-moving team that is building security at scale. You will lead projects, architect, and build security tooling from the ground up. Use your engineering skills to create new and innovative ways to increase the security surrounding our production and corporate infrastructure. Your work will provide security instrumentation and secure architectures in DigitalOcean's environments, both corporate and customer facing.
What You'll Be Doing:

• Establishing an understanding of DigitalOcean's production and corporate environments, from applications to infrastructure, keeping up-to-date with material changes and future directions
• Building and maintaining state-of-the-art tooling to keep DigitalOcean's infrastructure and corporate environments safe from external attack and insider threat
• Partnering closely with the other technical teams within the Security Organization and across our engineering and infrastructure functions to harden accounts, platforms, and service structures to combat intrusions, hijackings, and potential compromises
• Developing early warning systems to detect, respond, and mitigate risks to the business as well as the customer environment
• Engineering approaches to harvest security relevant events, converting that data into actionable intelligence, and collaborating with other technical teams to act on it
• Consistently improving security as the company scales, driving continuous improvement through data collection and correlation, being mindful that security should be an efficiency enabler for the business - not a detractor
• Advocating for Security Best Practices: you will encourage and guide teams in the adoption of security best practices

What We'll Expect From You:

• Broad network security experience in high-volume production environments, including audits of network security configurations, identifying and addressing vulnerabilities or misconfigurations
• Experience automating security tooling, alerting, and remediation workflows especially security event enrichment, reduction, and correlation
• Vulnerability Management experience, focused on prioritizing known vulnerabilities for remediation at scale and classifying previously unknown vulnerabilities
• Strong understanding of Linux systems, services, and deployment models (eg, Ubuntu)
• Experience engineering and maintaining Identity and Access management systems (eg, OpenLDAP, Okta, VPN or Zero Trust)
• Clear written and verbal communication skills to include: technical writing, presenting, coaching, mentoring
• Bonus: Experience in one or more of the following areas:
  • Endpoint Intrusion Detection, Response, and Remediation, open source or commercial
  • Configuration as Code software and methods (eg, Chef, Salt, Ansible, Terraform)
  • Message Bus Architectures and Data Processing Pipelines (eg, Kafka)
  • Open source log management (eg, Elastic SIEM) or open source NIDS solutions such as Zeek, Snort, and Suricata
  • Proficiency in scripting: Python, Bash, or the language of your preference, we value your ability to efficiently automate tasks and streamline processes through scripting

Why You'll Like Working for DigitalOcean :

• We reward our employees . The base salary range for this position is between $120,000 - $175,000 based on relevant years of experience and skills. The salary range for this role is specific to candidates located within the U.S. and will vary for candidates outside the U.S.. Employees may qualify for a bonus in addition to base salary; bonus amounts are determined based on company and individual performance. We also provide equity compensation to eligible employees including grants of equity upon hire and the option to participate in our Employee Stock Purchase Program.
• We value development. You will work with some of the smartest and most interesting people in the industry. We are a high-performance organization that is always challenging our teams and employees to continuously grow. We maintain a growth mindset in everything we do and invest deeply in employee development through formalized mentorship and other internal programs. We provide all employees with reimbursement for relevant conferences, training, and education.
• We care about your well-being. In addition to cash and equity compensation, we also offer employees a competitive array of benefits. In the United States, these include health insurance, unlimited vacation, retirement benefits, a generous parental leave program, and additional resources to support employees' overall well-being. While the philosophy around our benefits is the same worldwide, specific benefits may vary in other countries due to local regulations and preferences.
• We value diversity and inclusivity. We are an equal opportunity employer and we do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

*This is a remote role
#LI-Remote