Senior SOC Engineer: Digital Forensics, Incident Response, and Threat Hunting

Sorry, this job was removed at 11:19 a.m. (EST) on Monday, August 26, 2019

Have you ever wondered what happens inside the cloud?

Based in New York, DigitalOcean is a dynamic, high-growth technology company that serves a robust and passionate community of developers, teams, and businesses around the world. We believe that today’s entrepreneurs are changing the world through software. Our mission is to empower these entrepreneurs by bringing modern app development within reach for any developer, anywhere in the world.

We want people who are passionate about making the internet a safer place for everyone

We're looking for inspired and motivated technical contributors to be key members of DigitalOcean’s security team, charged with improving the security posture of DigitalOcean both reactively and proactively, ensuring a secure cloud infrastructure for both customers and internal users. Reporting to the Security Operations Center Manager, the Senior SOC Engineer will gain skills in one or more of multiple focal areas including digital forensics, incident response, platform abuse, legal/regulatory enforcement, and enterprise security. You will use your investigative skills to identify and eliminate bad actors inside the DigitalOcean platform or your engineering skills to create new and innovative ways to detect and respond to potential threats.

With over 200,000 customers utilizing 10+ data centers and 10,000+ hypervisors every day, our Security Operations Center never loses sight of the role we play in making the internet a more secure place for everyone.

What You’ll Be Doing:

  • Establishing an understanding of DigitalOcean’s entire production environment, from applications to infrastructure, keeping up-to-date with material changes and future directions.
  • Handling live intrusions and incident response cases, in a customer-oriented and transparent manner, to minimize the impact of bad actors on the internet.
  • Interpreting network traffic to identify compromised systems, negate denial of service attacks, and pinpoint resource abuse.
  • Locating trends in abuse vectors, apprising leadership of their extent, and advocating for appropriate product changes to prevent future occurrences.
  • Acting as a point of contact for security and abuse related incidents: providing supporting data for critical issues, downtime events, and Post-Mortem reports.
  • Helping build tools to identify or automate response to abusive activity.
  • Building strong relationships with the other technical teams across our engineering and infrastructure functions to harden account, platform, and service structures to combat intrusions, hijackings, and compromises.

What We’ll Expect From You:

  • Experience handling live incident response activities transparently, in a fast-paced team environment where accurate interpretation of data determines business impact
  • Ability to differentiate between normal and unusual resource usage patterns in customer, employee, network, and system behaviors in order to hunt for subtle anomalous patterns
  • Both dead-disk and live digital forensics experience, especially on open source platforms with open source tools (e.g., Volatility, Sleuth Kit) in a production Linux environment at scale
  • Data analysis skills, including familiarity with relational databases, structured query languages, logging infrastructures, and data visualization tools (e.g., Looker, Grafana)
  • Familiarity with basic static and dynamic malware analysis for triage, identification, prioritization, and remediation of new malware families and behaviors (x86_64 preferred)
  • A high degree of curiosity and aptitude, with a clear passion for security and the desire to keep our employees, customers, and the internet safe.
  • Clear written and verbal communication skills, including technical writing, presenting, coaching, and mentoring.
  • Consistently improving security as the platform scales, driving continuous improvement through data collection and correlation, being mindful that security should be an efficiency enabler for the business - not a detractor.
  • Bonus: Experience in one or more of the following:
    • Vulnerability Analysis, Scoping, and Mitigation Planning
    • Threat Intelligence Collection / Evaluation / Dissemination
    • Network Protocol Analysis
    • Coding, automation, or scripting skills

Why You’ll Like Working for DigitalOcean:

  • We have amazing people. We can promise you will work with some of the smartest and most interesting people in the industry. We work hard but we always have fun doing it. We care deeply about each other and take our “no jerks” rule very seriously.
  • We value development. We are a high-performance organization that is always challenging ourselves to continuously grow. That means we maintain a growth mindset in everything we do and invest deeply in employee development. You’ll need to be great to get hired here and we promise you’ll get even better.
  • We care about you. We offer competitive health, dental, and vision benefits for employees and their dependents, a monthly gym reimbursement to support your physical health, and a monthly commute allowance to make your trips to and from work easier.
  • We invest in your future. We offer competitive compensation and a 401k plan with up to a 4% employer match. We also provide all employees with Kindles and reimbursement for relevant conferences, training, and education.
  • We want you to love where you work. We have great office spaces located in the heart of SoHo NYC and Cambridge and offer daily catered lunches to keep your hunger at bay. We’re also very remote-friendly—we use Slack to communicate across the company—and all remote employees have the opportunity to onboard in-office and take an all-expenses paid trip to our annual company offsite, Shark Week, to get quality in-person time with the team at least once a year. We also allow employees to customize their workstations to meet their needs—whether remote or in office.


Department: Security

Want to learn more about our Security team? Click here!

Want an inside look into life at DO? Click here to hear from our employees!


Location

From funky music clubs to high-end restaurants, Central Square caters to all (and is right on the Red Line for easy commute access!)
