Senior Product Security Engineer, Security Platform

DigitalOcean
Denver, CO
292d
$135,000 - $185,000

About The Position

We’re looking for a Senior Product Security Engineer who is passionate about building secure guardrails and paved roads for engineering teams. As a member of the Security Platform team, you will report to the Senior Manager of Product Security. Our Security Platform team secures the development and environment of our engineers and production services. We achieve this by implementing controls that layer security into the groundwork of our engineering infrastructure, streamlining implementations, and measuring effectiveness. We help build the platform that ensures software development at DigitalOcean is safe, easy, and low-risk. You will collaborate with other security teams and the rest of DigitalOcean to drive secure software design, reduce security risk in the organization, and empower engineers to make informed security decisions. Security at DO means solving incredibly complex problems at high scale that have real impact for our customers, our products, and the larger internet community.

Requirements

  • 5+ years of experience in software engineering projects, ideally with a security focus.
  • Comfortable writing robust code with good test coverage.
  • Understanding of and ability to clearly communicate security topics and vulnerability classes (e.g. OWASP Top Ten).
  • A record of partnering with internal engineering teams to tackle security problems across an entire stack with empathy and creativity.

Nice To Haves

  • Familiarity with technologies such as gRPC, Docker, Prometheus, Kubernetes, HashiCorp Vault, and GitHub Actions.
  • Experience with microservice architectures, asynchronous and event-driven processing, and synchronous gRPC/HTTP-based requests.
  • Strong analytical, communication, and organizational skills.

Responsibilities

  • Build secure-by-default guardrails for engineers (60%)
      • Design and build internal tooling to provide engineering teams with secure-by-default configurations and libraries.
      • Write robust, resilient, and maintainable software, primarily in Go and Python. You may sometimes work on a frontend.
      • Prioritize the user experience (our customers are internal dev teams) to ensure security’s libraries and services are the easiest, fastest way to get work done.
  • Integrate SaaS and homegrown security solutions into developer workflows (30%)
      • Add to our growing corpus of custom, internal Semgrep rules.
      • Own the successful integration of vendor tools into our development pipelines and build security initiatives around their data that empower engineers rather than add friction or blocking gates.
  • Cultivate and promote a security culture (10%)
      • Champion an internal security culture (developer training, internal CTFs, etc.).
      • Mentor software engineering teams in security best practices.
      • Help oversee our vulnerability management framework (we call it security debt).
      • Help DigitalOcean engineers understand how security events impact them.

Benefits

  • Competitive salary range between $135,000.00 - $185,000.00 based on market data, relevant years of experience, and skills.
  • Bonus eligibility based on company and individual performance.
  • Equity compensation including equity grants upon hire and participation in Employee Stock Purchase Program.
  • Reimbursement for relevant conferences, training, and education.
  • Access to LinkedIn Learning's 10,000+ courses.
  • Work from home stipend.
  • Wellness allowance.
  • Flexible time off policy.