SOC Analyst II

Hyderabad

DigitalOcean

An ocean of simple, scalable cloud solutions.

We want people who are passionate about making the internet a safer place for everyone.

We are looking for an inspired, motivated, and experienced technical leader to join the DigitalOcean Security Operations Center (SOC). In this role, you will be the lead technical contributor on DigitalOcean’s Digital Forensics and Incident Response (DFIR) team, charged with improving the security posture of DigitalOcean both reactively and proactively, ensuring a secure cloud infrastructure for both customers and internal users. You will leverage advanced knowledge of DFIR and enterprise security practices. You will use your deep analytical skills to develop mitigations that prevent malicious harm. You will apply engineering skills to mature our detection and response functions.

With over 600,000 customers utilizing 11 data centers and 15,000+ hypervisors every day, our Security Operations Center never loses sight of the role we play in making the internet a more secure place for everyone.

What You’ll Be Doing:

  • Vetting abuse claims, responding to reporters, and helping customers get back on the platform.
  • Analyzing network traffic to identify compromised systems, negate denial of service attacks, and pinpoint resource abuse.
  • Monitoring and investigating user-generated content and activities to identify policy violations, fraud, abuse, and other harmful behaviors.
  • Locating trends in abuse vectors, apprising leadership of their extent, and advocating for appropriate product changes to prevent future occurrences.
  • Maintaining the usability of DigitalOcean IP space by brokering de-listing requests from “drop lists” or block listings that prevent the flow of email for our customers.
  • Evaluating hosted content and following up based on DigitalOcean’s Acceptable Use Policy (which may include adult or inappropriate content).
  • Assist with the development and implementation of automated systems for detecting and mitigating abusive or fraudulent activities.
  • Investigate, identify, and prevent or mitigate abusive activities such as intrusion attempts, DDoS, malware distribution, phishing attacks, etc. originating from the DigitalOcean platform.
  • Work within a queue management system with specific daily targets on the number of customer contacts completed with a quality resolution.
  • Be responsible for end-to-end operational processes and handle escalations by providing business solutions.
  • Provide guidance and oversight to customers to ensure compliance with all applicable DigitalOcean policies.
  • Collaborate with the Security organization and Infrastructure teams to harden account, platform, and service structures to combat hijackings and compromises.
  • Understand internal tools and processes and leverage those to push automation.
  • Understand and apply legal concepts of fair use as applied to copyright, trademark, defamation, and plagiarism.
  • Assist with developing and maintaining SOPs.

What We’ll Expect From You:

  • Bachelor's Degree or equivalent experience 
  • 2 to 4+ years of experience in security operations & incident response roles
  • Experience in one or more of the following areas: 
    • policy enforcement
    • user trust, risk, fraud or product abuse investigation 
    • network security
    • security operations
    • incident response
  • Understanding of hardware, software, and networking; distributed computing; virtualization; high-performance storage systems; databases; and cloud computing
  • Background with relevant technology (e.g. DNS, SMTP), and understanding of Linux systems.
  • Understanding of internet economics, social and technical attributes, with knowledge of the cloud ecosystem.
  • Familiarity with reading packet captures (e.g. Wireshark/CloudShark).
  • Understanding of TCP/IP concepts, application protocols and knowledge of database structures and working with Unix/Linux.
  • Very strong communication skills, prioritization and multitasking capabilities.
  • Exceptional analytical thinking through data-driven decisions, as well as the technical know-how.
  • Positive attitude with a desire to keep our customers and the internet safe.
  • Bonus: Experience working in a privacy role with access privileges to sensitive data.
  • Relevant certifications, such as CompTIA Security+, Certified SOC Analyst (CSA), or Certified Ethical Hacker (CEH) are a plus.
  • Bonus: Knowledge of Programming/Scripting (Ruby, Python, Bash)

Why You’ll Like Working for DigitalOcean:

  • We innovate with purpose. You’ll be a part of a cutting-edge technology company with an upward trajectory, who are proud to simplify cloud and AI so builders can spend more time creating software that changes the world. As a member of the team, you will be a Shark who thinks big, bold, and scrappy, like an owner with a bias for action and a powerful sense of responsibility for customers, products, employees, and decisions. 
  • We prioritize career development. At DO, you’ll do the best work of your career. You will work with some of the smartest and most interesting people in the industry. We are a high-performance organization that will always challenge you to think big. Our organizational development team will provide you with resources to ensure you keep growing. We provide employees with reimbursement for relevant conferences, training, and education. All employees have access to LinkedIn Learning's 10,000+ courses to support their continued growth and development.
  • We care about your well-being. Regardless of your location, we will provide you with a competitive array of benefits to support you, from our Employee Assistance Program to Local Employee Meetups to a flexible time-off policy, to name a few. While the philosophy around our benefits is the same worldwide, specific benefits may vary based on local regulations and preferences.
  • We reward our employees. The salary range for this position is based on market data, relevant years of experience, and skills. You may qualify for a bonus in addition to base salary; bonus amounts are determined based on company and individual performance. We also provide equity compensation to eligible employees, including equity grants upon hire and the option to participate in our Employee Stock Purchase Program.
  • We value diversity and inclusion. We are an equal-opportunity employer, and recognize that diversity of thought and background builds stronger teams and products to serve our customers. We approach diversity and inclusion seriously and thoughtfully. We do not discriminate on the basis of race, religion, color, ancestry, national origin, caste, sex, sexual orientation, gender, gender identity or expression, age, disability, medical condition, pregnancy, genetic makeup, marital status, or military service.

#LI-Hybrid

 

Tags: Automation Bash CEH Cloud Compliance CompTIA DDoS DFIR DNS Forensics Incident response Linux Malware Network security Privacy Python Ruby Scripting SMTP SOC TCP/IP UNIX

Perks/benefits: Career development Competitive pay Conferences Equity / stock options Flex hours Flex vacation Salary bonus Startup environment

Region: Asia/Pacific
Country: India
