DigitalOcean

ProductSecurityEngineerII

Bengaluru, India

Market Sentiment

HIGH DEMAND

Neural analysis suggests this role is
optimal for Mid candidates.

The Brief

“Product Security Engineer II at DigitalOcean. Skills: Product Security, Application Security, Security Architecture, Software Engineering, Threat Modeling. Provide holistic assessments of security layers across infrastructure, application, people, and processes.. Collaborate with product managers, designers, and engineers to threat model and architect secure and resilient systems.”

What You'll Achieve.

Reduce the impact and burden of security initiatives on engineering.; Guide secure architecture design and reduce security risk in the organization.; Provide secure defaults to the rest of the organization.; Ensure software development at DigitalOcean is safe, easy, and low-risk.

Industry & Context.

Problems you'll solve

Solve large-scale security challenges; Reduce the impact and burden of security initiatives on engineering; Reduce security risk in the organization; Solve incredibly complex problems at a high-scale

What They're Looking For.

Must Have

Ability to clearly communicate security topics and vulnerability classes (e.g. OWASP Top Ten) and provide actionable direction to product teams., A record of partnering with internal engineering teams to tackle security problems across an entire stack with empathy and creativity., Hands-on experience in software engineering projects., Comfortable writing code with good test coverage., Working knowledge of modern development concepts (virtualized environments, containerization, continuous integration + delivery, Public Cloud such as AWS/GCP).

Nice to Have

Bachelor's degree in Computer Science or related field., 3+ years experience guiding software teams on security architecture design., 3+ years of experience in application security or product security roles., Do you have 3+ years of software engineering experience, are interested in moving into a dedicated security role, and can share examples of championing security issues in the past?, Proven professional experience guiding software teams on secure architecture design., Working knowledge of system architecture and/or application architecture., Experience building or reviewing threat models and ability to craft malicious user, attacker, and abuse/misuse cases., Working knowledge of hardware and software supply chain security.

What You'll Do.

Provide holistic assessments of security layers across infrastructure

Collaborate with product managers

and engineers to threat model and architect secure and resilient systems.

Review source code against secure coding best practices and contribute security requirements.

Drive the software design and implementation of security services

and libraries to provide secure defaults to the rest of the organization.

Promote security remediations in the CI/CD pipeline by building tools and services for engineers to consume.

Help build the platform that ensures software development at DigitalOcean is safe

Champion an internal security culture (developer training

Help DigitalOcean engineers understand how security events impact them.

How You'll Work.

Team & Collaboration

Collaborate with other security teams and the rest of DigitalOcean to guide secure architecture design and reduce security risk in the organization.; Collaborate with product managers, designers, and engineers to threat model and architect secure and resilient systems.; Partnering with internal engineering teams to tackle security problems across an entire stack with empathy and creativity.

Communication Scope

Ability to clearly communicate security topics and vulnerability classes (e.g. OWASP Top Ten) and provide actionable direction to product teams.

Full Job Description

Dive in and do the best work of your career at DigitalOcean. Journey alongside a strong community of top talent who are relentless in their drive to build the simplest scalable cloud. If you have a growth mindset, naturally like to think big and bold, and are energized by the fast-paced environment of a true industry disruptor, you’ll find your place here. We value winning together—while learning, having fun, and making a profound difference for the dreamers and builders in the world. We’re looking for a Product Security Engineer to solve large-scale security challenges while reducing the impact and burden of these security initiatives on engineering. We believe application security best enables the enterprise when it integrates into developer lifecycles. As a member of the Security Engineering team, you will collaborate with other security teams and the rest of DigitalOcean to guide secure architecture design and reduce security risk in the organization through the construction of guardrails and paved paths that empower engineers to make informed security decisions. Security at DO means solving incredibly complex problems at a high-scale that have real impact for our customers, our products, and for the larger internet community. What You’ll Do: Provide holistic assessments of security layers across infrastructure, application, people, and processes. Collaborate with product managers, designers, and engineers to threat model and architect secure and resilient systems. Review source code against secure coding best practices and contribute security requirements. Drive the software design and implementation of security services, tools, and libraries to provide secure defaults to the rest of the organization. Promote security remediations in the CI/CD pipeline by building tools and services for engineers to consume (e. g. custom Semgrep implementation, developer-first secrets management). Help build the platform that ensures software development at DigitalOcean is safe

Free ATS check

Applying for this Product Security Engineer II role?

Most applicants get filtered before a human reads their resume. See if yours makes the cut.

Should you apply? AI reads your resume vs this job — match score, gaps to address, ATS keywords.

SKILL SIGNAL 34 detected · ranked by frequency

Threat Modeling ×6

Product Security ×3

Application Security ×3

Holistic assessments of security layers ×3

Architect secure and resilient systems ×3

Review source code ×3

Implement security services, tools, and libraries ×3

Build tools and services for engineers ×3

Build platform for secure software development ×3

Understand security events impact ×3

Virtualized environments ×3

Containerization ×3

Continuous integration ×3

Continuous delivery ×3

Public Cloud ×3

System architecture ×3

Application architecture ×3

Hardware supply chain security ×3

Software supply chain security ×3

Security Architecture ×2

Software Engineering ×2

Semgrep ×2

Python

JavaScript

PHP

AWS

GCP

Security architecture design

Secure coding best practices

Software design

Security requirements

Security remediations

BEHAVIOURAL

Growth mindsetThink big and boldWinning togetherEmpathyCreativityBias for actionSense of responsibility

Role Details

Experience 2–5 yrs

Level Mid

Work Mode hybrid

Category security

AI-Extracted Insights

Domain Areas

cloud-securityapplication-securityproduct-securitymodern-development-conceptsvirtualized-environmentscontainerizationcontinuous-integration-deliverypublic-cloud-aws-gcp

ANONYMOUS · UNFILTERED

What do employees actually say about DigitalOcean?

Real rants from real employees. Read before you apply.

Read Company Rants →