Principal Engineer - Security Products, Security Visibility

About The Position

Requirements

• Over 10 years of software engineering expertise.
• Over 4 years dedicated to audit logging, security telemetry, SIEM integration, or managing high-throughput data pipelines within cloud or IaaS ecosystems.
• Expertise in Go.
• Extensive experience designing gRPC-based microservices.
• Deep, hands-on knowledge of Apache Flink, Apache Kafka, or similar high-volume stream processing frameworks, with a focus on exactly-once semantics, durability, and ordering guarantees.
• Proven history of developing security visibility platforms, such as unified control planes, security dashboards, or complex SIEM integrations across diverse cloud environments.
• Understanding of audit requirements for frameworks like SOC 2, ISO 27001, FedRAMP, and PCI-DSS.
• Ability to build large-scale systems handling replication, consensus, and partitioning with high reliability.
• Proficiency with Kubernetes, Terraform (IaC), SQL (MySQL), and analytical or columnar data stores.
• Track record of leading ambiguous, cross-functional platform initiatives.
• Ability to write effective RFCs and articulate architectural strategies to senior leadership while aligning teams toward a unified goal.

Nice To Haves

• Experience with OpenTelemetry, OCSF (Open Cybersecurity Schema Framework), or other security telemetry standards
• Familiarity with threat detection platforms, behavioral analytics, or UEBA systems
• Experience building customer-facing security dashboards or compliance reporting tools
• Contributions to open-source security, observability, or data pipeline projects

Responsibilities

• Define and drive the multi-year technical roadmap for Audit Logging, SIEM Integration, and Unified Security Visibility, covering event collection, normalization, enrichment, storage, and customer-facing exposure.
• Design fault-tolerant, high-throughput audit and telemetry pipelines in Go capable of ingesting and processing billions of security events per day with guaranteed delivery, low latency, and full auditability.
• Architect the Unified Security Dashboard and control plane to aggregate signals from threat detection, IAM, network security, and workload protection into a single customer-facing security posture view.
• Design and deliver integrations with leading SIEM platforms (Splunk, Datadog, Chronicle, Microsoft Sentinel) via standardized log export, streaming APIs, and webhook frameworks.
• Lead the redesign of DigitalOcean's audit log infrastructure to support immutable, tamper-evident, compliance-grade event records with fine-grained retention controls, cross-account federation, and real-time streaming access.
• Partner with IAM, Threat Detection, DOKS, Billing, and Platform Engineering to ensure all product surfaces emit structured, consistent, high-fidelity security telemetry.
• Establish logging schema standards, event taxonomy, and observability engineering practices adopted org-wide.
• Lead design reviews for changes with cross-cutting platform risk and author RFCs that shape DigitalOcean's technical direction.
• Mentor and develop senior and mid-level engineers across Security Products and adjacent teams.
• Conduct deep code reviews, model architectural thinking, and build a culture of security-first, observability-native engineering.

Benefits

• Competitive array of benefits
• Employee Assistance Program
• Local Employee Meetups
• Flexible time off policy
• Reimbursement for relevant conferences, training, and education
• Access to LinkedIn Learning's 10,000+ courses
• Bonus in addition to base salary
• Equity compensation
• Equity grants upon hire
• Option to participate in Employee Stock Purchase Program