Senior Infrastructure Security Engineer

We are looking for an inspired and motivated technical contributor to join the DigitalOcean Security Organization as an Infrastructure Security Engineer. Reporting to the Infrastructure Security Manager, the Infrastructure Security Engineer will be a key member of DigitalOcean’s security team, charged with playing an integral part in improving the security posture of DigitalOcean. You will lead projects, architect, and build security tooling from the ground up. Use your engineering skills to create new and innovative ways to increase the security surrounding our production and corporate infrastructure.

What You’ll Do:

• Establishing an understanding of DigitalOcean’s production and corporate environments, from applications to infrastructure, keeping up-to-date with material changes and future directions
• Building and maintaining state-of-the-art tooling to keep DigitalOcean’s infrastructure and corporate environments safe from external attack and insider threat
• Partnering closely with the other technical teams within the Security Organization and across our engineering and infrastructure functions to harden accounts, platforms, and service structures to combat intrusions, hijackings, and potential compromises
• Engineering approaches to harvest security relevant events, converting that data into actionable intelligence, and collaborating with other technical teams to act on it
• Consistently improving security as the company scales, driving continuous improvement through data collection and correlation, being mindful that security should be an efficiency enabler for the business - not a detractor
• Advocating for Security Best Practices: you will encourage and guide teams in the adoption of security best practices
• Help administer our security infrastructure, including secrets management and vulnerability scanning solutions.
• Contribute to the deployment and management of zero trust network access solutions to enhance network security.

What We’ll Expect From You:

• Broad network security experience in high-volume production environments, including audits of network security configurations, identifying and addressing vulnerabilities or misconfigurations
• Experience automating security tooling, alerting, and remediation workflows especially security event enrichment, reduction, and correlation
• Vulnerability Management experience, focused on prioritizing known vulnerabilities for remediation at scale and classifying previously unknown vulnerabilities
• Strong understanding of Linux systems, services, and deployment models (eg, Ubuntu)
• Experience engineering and maintaining Identity and Access management systems (eg, OpenLDAP, Okta, VPN or Zero Trust)
• Clear written and verbal communication skills to include: technical writing, presenting, coaching, mentoring
• Bonus: Experience in one or more of the following areas:
  • Endpoint Intrusion Detection, Response, and Remediation, open source or commercial
  • Configuration as Code software and methods (eg, Chef, Salt, Ansible, Terraform, Github Actions, GoCD)
  • Message Bus Architectures and Data Processing Pipelines (eg, Kafka, Logstash, Vector)
  • Open source log management (eg, Elastic SIEM) or open source NIDS solutions such as Zeek, Snort, and Suricata
  • Proficiency in scripting: Python, Bash, or the language of your preference, we value your ability to efficiently automate tasks and streamline processes through scripting

Why You’ll Like Working for DigitalOcean

• We innovate with purpose. You’ll be a part of a cutting-edge technology company with an upward trajectory, who are proud to simplify cloud and AI so builders can spend more time creating software that changes the world. As a member of the team, you will be a Shark who thinks big, bold, and scrappy, like an owner with a bias for action and a powerful sense of responsibility for customers, products, employees, and decisions. 
• We prioritize career development. At DO, you’ll do the best work of your career. You will work with some of the smartest and most interesting people in the industry. We are a high-performance organization that will always challenge you to think big. Our organizational development team will provide you with resources to ensure you keep growing. We provide employees with reimbursement for relevant conferences, training, and education. All employees have access to LinkedIn Learning's 10,000+ courses to support their continued growth and development.
• We care about your well-being. Regardless of your location, we will provide you with a competitive array of benefits to support you from our Employee Assistance Program to Local Employee Meetups to flexible time off policy, to name a few. While the philosophy around our benefits is the same worldwide, specific benefits may vary based on local regulations and preferences.
• We reward our employees. The salary range for this position is $100,000 - $130,000 based on market data, relevant years of experience, and skills. You may qualify for a bonus in addition to base salary; bonus amounts are determined based on company and individual performance. We also provide equity compensation to eligible employees, including equity grants upon hire and the option to participate in our Employee Stock Purchase Program. 
• We value diversity and inclusion. We are an equal-opportunity employer, and recognize that diversity of thought and background builds stronger teams and products to serve our customers. We approach diversity and inclusion seriously and thoughtfully. We do not discriminate on the basis of race, religion, color, ancestry, national origin, caste, sex, sexual orientation, gender, gender identity or expression, age, disability, medical condition, pregnancy, genetic makeup, marital status, or military service.

*This is a remote role.

#LI-Remote

#LI-SK1