Senior Infrastructure Security Engineer

We are looking for an inspired and motivated technical contributor to join DigitalOcean’s Security Organization as an Infrastructure Security Engineer. Reporting to the Infrastructure Security Manager, you will play a key role in strengthening the company’s defenses, ensuring the integrity of our infrastructure. You’ll lead projects, design and implement protective measures, and develop innovative tools to enhance the safety of both our production and corporate environments.

• Establish an understanding of DigitalOcean’s production and corporate environments, from applications to infrastructure, keeping up to date with material changes and future directions.
• Build and maintain state-of-the-art tooling to keep DigitalOcean’s infrastructure and corporate environments safe from external attack and insider threats.
• Partner closely with the other technical teams within the Security Organization and across our engineering and infrastructure functions to harden accounts, platforms, and service structures to combat intrusions, hijackings, and potential compromises.
• Develop approaches to harvest security-relevant events, converting that data into actionable intelligence, and collaborating with other technical teams to act on it.
• Continuously enhance security as the company scales, driving improvement through data collection and correlation, and ensuring that safeguards serve as an enabler for the business—not a hindrance.
• Advocate for Security Best Practices: you will encourage and guide teams in the adoption of security best practices.
• Administer security infrastructure, including secrets management and vulnerability scanning solutions.
• Contribute to the deployment and management of Zero Trust network access solutions to enhance network security.

• Extensive experience managing and auditing network defenses in high-volume production environments, including assessing configurations, identifying risks, and addressing vulnerabilities or misconfigurations.
• Experience automating tooling, alerting, and remediation workflows, with a focus on event enrichment, noise reduction, and correlation.
• Ability to prioritize known vulnerabilities for remediation at scale and apply contextual risk prioritization to newly identified vulnerabilities, assessing their impact within DigitalOcean’s unique environment.
• Strong understanding of Linux systems, services, and deployment models (e.g., Ubuntu)
• Experience engineering and maintaining Identity and Access management systems (e.g., OpenLDAP, Okta, VPN or Zero Trust)
• Clear written and verbal communication skills to include: technical writing, presenting, coaching, mentoring.

• Endpoint Intrusion Detection, Response, and Remediation, open source or commercial
• Configuration as Code software and methods (e.g., Chef, Salt, Ansible, Terraform, Github Actions, GoCD)
• Message Bus Architectures and Data Processing Pipelines (e.g., Kafka, Logstash, Vector)
• Open source log management (e.g., Elastic SIEM) or open source NIDS solutions such as Zeek, Snort, and Suricata
• Proficiency in scripting: Python, Bash, a language of your choice, we value your ability to efficiently automate tasks and streamline processes through scripting

• We innovate with purpose. You’ll be a part of a cutting-edge technology company with an upward trajectory, who are proud to simplify cloud and AI so builders can spend more time creating software that changes the world. As a member of the team, you will be a Shark who thinks big, bold, and scrappy, like an owner with a bias for action and a powerful sense of responsibility for customers, products, employees, and decisions. 
• We prioritize career development. At DO, you’ll do the best work of your career. You will work with some of the smartest and most interesting people in the industry. We are a high-performance organization that will always challenge you to think big. Our organizational development team will provide you with resources to ensure you keep growing. We provide employees with reimbursement for relevant conferences, training, and education. All employees have access to LinkedIn Learning's 10,000+ courses to support their continued growth and development.
• We care about your well-being. Regardless of your location, we will provide you with a competitive array of benefits to support you from our Employee Assistance Program to Local Employee Meetups to flexible time off policy, to name a few. While the philosophy around our benefits is the same worldwide, specific benefits may vary based on local regulations and preferences.
• We reward our employees. The salary range for this position is $135,000.00 - $185,000.00 based on market data, relevant years of experience, and skills. You may qualify for a bonus in addition to base salary; bonus amounts are determined based on company and individual performance. We also provide equity compensation to eligible employees, including equity grants upon hire and the option to participate in our Employee Stock Purchase Program. 
• We value diversity and inclusion. We are an equal-opportunity employer, and recognize that diversity of thought and background builds stronger teams and products to serve our customers. We approach diversity and inclusion seriously and thoughtfully. We do not discriminate on the basis of race, religion, color, ancestry, national origin, caste, sex, sexual orientation, gender, gender identity or expression, age, disability, medical condition, pregnancy, genetic makeup, marital status, or military service.

*This is a remote role.

#LI-Remote

#LI-SK1