Senior Product Security Engineer: Systems
Have you ever wondered what happens inside the cloud?
Based in New York, DigitalOcean is a dynamic, high-growth technology company that serves a robust and passionate community of developers, teams, and businesses around the world. We believe that today’s entrepreneurs are changing the world through software. Our mission is to empower these entrepreneurs by bringing modern app development within reach for any developer, anywhere in the world.
We want people who are passionate about making the internet a safer place for everyone.
We're looking for a security engineer with deep experience in the systems & virtualization space and strong communication skills. Your work will make our million+ customers and tens of thousands of hypervisors more secure, and will help ensure that DigitalOcean is a respected and an active contributor to the broader security community.
You'll report to the Director of Security Engineering and will help drive the direction of systems security at DigitalOcean. Your technical contributions could include hardening our infrastructure, upstreaming security fixes in our open source stack, improving our monitoring, and assisting our SOC and System Engineering teams in response to new CVEs.
What You’ll Be Doing:
- Identify and design solutions for virtualization, containerization, and other systems-level risks in a large scale environment.
- Own DigitalOcean's involvement in systems and infrastructure hardening projects; we expect you to spend a significant amount of your time collaborating with the Systems team and related developer communities.
- Own the prioritization of systems-level security work for the product security team.
- Create a pathway for multi-tenant environments to not only protect virtual machines from each other, but also enable guests to protect tenants from each other.
- Perform broad architectural reviews on our environment to identify current risks, then work closely with our Systems team to prioritize remediation work.
- Perform research as needed to discover unknown kernel attack vectors, review other novel attacks, and coordinate any remediation upstream.
- Provide assistance as needed with system-level changes to address operational security and monitoring needs.
What We’ll Expect From You:
- Demonstrable, thorough experience working in and contributing to security efforts for hypervisors, Linux OS, or other technologies supporting virtualization (e.g. qemu, OVS, KVM).
- Working knowledge of distributed architectures, heavily virtualized environments, continuous integration & delivery environments, and software engineering practices.
- Demonstrable experience collaborating and coordinating with internal engineering and infrastructure teams.
- Strong coding skills in a variety of paradigms.
- A habit of approaching new problems with creativity.
Why You’ll Like Working for DigitalOcean:
- We have amazing people. We can promise you will work with some of the smartest and most interesting people in the industry. We work hard but we always have fun doing it. We care deeply about each other and take our “no jerks” rule very seriously.
- We value development. We are a high-performance organization that is always challenging ourselves to continuously grow. That means we maintain a growth mindset in everything we do and invest deeply in employee development. You’ll need to be great to get hired here and we promise you’ll get even better.
- We care about you. We offer competitive health, dental, and vision benefits for employees and their dependents, a monthly gym reimbursement to support your physical health, and a monthly commute allowance to make your trips to and from work easier.
- We invest in your future. We offer competitive compensation and a 401k plan with up to a 4% employer match. We also provide all employees with Kindles and reimbursement for relevant conferences, training, and education.
- We want you to love where you work. We have great office spaces located in the heart of SoHo NYC and Cambridge and offer daily catered lunches to keep your hunger at bay. We’re also very remote-friendly—we use Slack to communicate across the company—and all remote employees have the opportunity to onboard in-office and take an all-expenses paid trip to our annual company offsite, Shark Week, to get quality in-person time with the team at least once a year. We also allow employees to customize their workstations to meet their needs—whether remote or in office.
- We value diversity and inclusivity. We are an equal opportunity employer and we do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
Want to learn more about our Security team? Clickhere!
Want an inside look into life at DO? Clickhere to hear from our employees!