Staff Security Software Engineer

About The Position

Requirements

• 8+ years of hands-on experience in software engineering projects, ideally with a security focus, in a complex, high-scale SaaS or IaaS environment. You are an expert in writing robust code with good test coverage and demonstrated success in delivering projects.
• Understanding of cloud-native services and infrastructure provisioning (e.g. compute, storage, networking).
• Deep familiarity with cloud services & infrastructure—compute, storage, network, managed services—and related abuse tactics, including DDoS, spamming, phishing, cryptomining, and bot networks.
• Strong analytical and reporting skills, with proficiency in SQL and data warehouse querying (e.g., Snowflake, Redshift, BigQuery)
• A customer-first mindset—you aim to maximize abuse prevention while avoiding false-positives that could impact high-value customers.
• Excellent communication and documentation skills; you can clearly articulate patterns, mitigation strategies, and tradeoffs to both technical and non-technical stakeholders. You have a record of partnering with internal engineering teams and non-technical stakeholders to gather requirements and tackle security problems across an entire stack with empathy and creativity.
• High integrity, strong judgment, and a track record of working independently on high-impact investigations and policy decisions.

Nice To Haves

• Experience with microservice architectures, asynchronous and event-driven processing, and synchronous gRPC/HTTP-based requests.
• Experience in building secure by default services and applications.
• Familiarity with technologies such as gRPC, Docker, Elasticsearch, Prometheus/VictoriaMetrics, Kubernetes, and GitHub Actions.
• Experience with Looker, Snowflake, dbt, and Airflow

Responsibilities

• Design, develop, and deploy resilient services and tooling that provide security capabilities at scale, primarily in Go, with some work in Javascript and Python.
• Research and design automated approaches to detecting and actioning abuse and misuse of DigitalOcean products and services.
• Work with product and engineering teams to design and implement secure architectures.
• Design and build internal tools that enable our Security Operations Center to do more, faster.
• Measure the efficacy of our services and tools, using logs, metrics, and audit records, to drive reporting and decision-making, leading to iterative and transformative security improvements as DigitalOcean scales. All while being mindful that security should be an efficiency enabler for the business, not an obstacle.

Benefits

• We prioritize career development.
• We care about your well-being.
• We reward our employees.
• We provide employees with reimbursement for relevant conferences, training, and education.
• All employees have access to LinkedIn Learning's 10,000+ courses to support their continued growth and development.
• Employee Assistance Program
• Local Employee Meetups
• flexible time off policy
• equity compensation to eligible employees, including equity grants upon hire and the option to participate in our Employee Stock Purchase Program.