Simplify Logo

Full-Time

Product Security Engineer

Confirmed live in the last 24 hours

DigitalOcean

DigitalOcean

1,001-5,000 employees

Cloud computing platform for developers and businesses

Consumer Software
Enterprise Software
Data & Analytics

Compensation Overview

$100k - $180kAnnually

+ Bonus + Equity Compensation

Junior, Mid

Remote in USA

This is a remote role.

Category
Cybersecurity
IT & Security
Required Skills
Python
JavaScript
Requirements
  • Ability to clearly communicate security topics and vulnerability classes (e.g. OWASP Top Ten) and provide actionable direction to product teams.
  • A record of partnering with internal engineering teams to tackle security problems across an entire stack with empathy and creativity. Engineering teams are our partners, not our adversaries.
  • Hands-on experience in software engineering projects. We primarily develop in Go, JavaScript, and Python. You are comfortable writing code with good test coverage.
  • Working knowledge of modern development concepts (virtualized environments, containerization, continuous integration + delivery).
Responsibilities
  • Review architecture and code and provide security guidance (70%)
  • Provide holistic assessments of security layers across infrastructure, application, people, and process.
  • Collaborate with product managers, designers, and engineers to threat model and architect secure and resilient systems.
  • Review source code against secure coding best practices and contribute security requirements.
  • Create a paved road for engineers to build securely (20%)
  • Drive the software design and implementation of security services, tools, and libraries to provide secure defaults to the rest of the organization.
  • Promote security remediations in the CI/CD pipeline by building tools and services for engineers to consume (e.g. custom Semgrep implementation, developer-first secrets management).
  • Help build the platform that ensures software development at DigitalOcean is safe, easy, and low-risk.
  • Cultivate and promote a security culture (10%)
  • Champion an internal security culture (developer training, internal CTFs, etc.).
  • Help DigitalOcean engineers understand how security events impact them. Do they need to worry about the next Log4j CVE? How does RetBleed impact DigitalOcean’s fleet?

DigitalOcean provides cloud computing services that enable developers and businesses to build, deploy, and scale applications efficiently. Its platform offers a range of fully managed services, allowing users to focus on software development rather than infrastructure management. DigitalOcean stands out from competitors by emphasizing simplicity, a strong community, and open-source support, making it accessible for startups and small to medium-sized businesses. The company's goal is to empower users to innovate and grow their businesses by providing the tools and support needed to streamline the development process.

Company Stage

IPO

Total Funding

$1.5B

Headquarters

New York City, New York

Founded

2012

Growth & Insights
Headcount

6 month growth

6%

1 year growth

14%

2 year growth

24%
Simplify Jobs

Simplify's Take

What believers are saying

  • The appointment of experienced leaders like Wade Wegner and Bratin Saha signals strong strategic direction and potential for growth.
  • Partnerships with companies like LinkDaddy enhance DigitalOcean's ecosystem, providing additional value to customers.
  • The continuous enhancement of services, such as the introduction of Managed OpenSearch and advanced MongoDB configurations, demonstrates DigitalOcean's commitment to innovation and customer needs.

What critics are saying

  • The competitive cloud services market, dominated by giants like AWS, Azure, and Google Cloud, poses a significant challenge to DigitalOcean's market share.
  • Legal issues, such as the recent case with the Dutch gambling regulator, could impact the company's reputation and operational stability.

What makes DigitalOcean unique

  • DigitalOcean's focus on simplicity and community support sets it apart from larger, more complex cloud service providers like AWS and Google Cloud.
  • Their fully managed offerings, such as Managed OpenSearch and MongoDB, provide specialized solutions that cater specifically to developers and SMBs.
  • DigitalOcean's revamped App Platform emphasizes cost efficiency and scalability, making it particularly attractive for startups and growing technology businesses.

Benefits

Remote-first

Full health coverage

Wellness coverage

Flexible vacation time

Team-building & social events

401(k) plans

ESPP

Education support

Partner support

Employee giving