Have you ever wondered what happens inside the cloud?
Based in New York, DigitalOcean is a dynamic, high-growth technology company that serves a robust and passionate community of developers, teams, and businesses around the world. We believe that today's entrepreneurs are changing the world through software. Our mission is to empower these entrepreneurs by bringing modern app development within reach for any developer, anywhere in the world.
We want people who are passionate about making the internet a safer place for everyone.
We are looking for an inspired and motivated technical contributor to join the DigitalOcean Security Operations Center. Reporting to the Security Operations Center Manager, the Senior SOC Engineer will be a key member of DigitalOcean's security team, charged with improving the security posture of DigitalOcean both reactively and proactively, ensuring a secure cloud infrastructure for both customers and internal users. You will continue to develop skills in one or more of multiple focal areas including SIEM and alert management, tooling automation, identity and access management, network security, vulnerability management, and incident response. You will use your analytical skills to identify and eliminate potential threats inside DigitalOcean and your engineering skills to create new and innovative ways to increase the security surrounding our production and corporate infrastructure.
With over 200,000 customers utilizing 10+ data centers and 10,000+ hypervisors every day, our Security Operations Center never loses sight of the role we play in making the internet a more secure place for everyone.
What You'll Be Doing:
* Establishing an understanding of DigitalOcean's entire production environment, from applications to infrastructure, keeping up-to-date with material changes and future directions.
* Building and maintaining state-of-the-art tooling to keep DigitalOcean's infrastructure and corporate environment safe from external attack and insider threat
* Analyzing network traffic to identify compromised systems, negate denial of service attacks, and pinpoint abnormal usage patterns indicative of potential intrusions.
* Developing the early warning system that detects, responds to, and mitigates risks to the business as well as the customer environment
* Engineering approaches to harvest security relevant events, converting that data into actionable intelligence, and collaborating with other technical teams to act on it
* Building strong relationships with the other technical teams across our engineering and infrastructure functions to harden accounts, platforms, and service structures to combat intrusions, hijackings, and potential compromises.
What We'll Expect From You:
* Network security experience, especially in open source solutions like Bro, Snort, and Suricata, in high-volume production environments
* Endpoint Intrusion Detection, Response, and Remediation experience, whether via open source tools (osquery, ossec, aide, etc) or commercial EDR platforms
* Open source log management experience, especially security information and event management (eg, graylog, ELK, etc)
* Experience automating security tooling, alerting, and remediation workflows especially security event enrichment, reduction, and correlation
* Vulnerability Management experience, focused on prioritizing known vulnerabilities for remediation at scale and classifying previously unknown vulnerabilities
* Strong understanding of Linux systems, services, and deployment models (eg, ubuntu)
* Strong analytical skills including the ability to quickly identify trends and patterns.
* Clear written and verbal communication skills, including technical writing, presenting, coaching, and mentoring.
* Consistently improving security as the platform scales, driving continuous improvement through data collection and correlation, being mindful that security should be an efficiency enabler for the business - not a detractor.
* Bonus: Experience in one or more of the following areas:
  * Configuration as Code software and methods (eg, Chef, Salt, Ansible)
  * Message Bus Architectures and Data Processing Pipelines (eg, Kafka)
  * Digital Forensics & Incident Response Experience
  * End User Education Campaigns and Training Materials
  * IPv6 Subnetting, Address Assignment, IP Address Management Tools
Why You'll Like Working for DigitalOcean:
* We have amazing people. We can promise you will work with some of the smartest and most interesting people in the industry. We work hard but we always have fun doing it. We care deeply about each other and take our "no jerks" rule very seriously.
* We value development. We are a high-performance organization that is always challenging ourselves to continuously grow. That means we maintain a growth mindset in everything we do and invest deeply in employee development. You'll need to be great to get hired here and we promise you'll get even better.
* We care about you. We offer competitive health, dental, and vision benefits for employees and their dependents, a monthly gym reimbursement to support your physical health, and a monthly commute allowance to make your trips to and from work easier.
* We invest in your future. We offer competitive compensation and a 401k plan with up to a 4% employer match. We also provide all employees with Kindles and reimbursement for relevant conferences, training, and education.
* We want you to love where you work. We have great office spaces located in the heart of SoHo NYC and Cambridge and offer daily catered lunches to keep your hunger at bay. We're also very remote-friendly (we use Slack to communicate across the company), and all remote employees have the opportunity to onboard in-office and take an all-expenses paid trip to our annual company offsite, Shark Week, to get quality in-person time with the team at least once a year. We also allow employees to customize their workstations to meet their needs, whether remote or in office.
* We value diversity and inclusivity. We are an equal opportunity employer and we do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
Want to learn more about our Security team? Click here!
Want an inside look into life at DO? Click here to hear from our employees!