Senior Product Security Engineer, Secure Design – Kernel and Virtualization

🔥 0 minutes ago

🇺🇸 United States – Remote

💵 $140k - $175k / year

⏰ Full Time

🟠 Senior

🧑‍🔧 Mechanical Engineer

🦅 H1B Visa Sponsor

This company has sponsored H1B visas in the past.

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

DigitalOcean

WebsiteLinkedInAll Job Openings

1001 - 5000 employees

Founded 2011

☁️ SaaS

SaaS • Cloud Computing

DigitalOcean is a cloud infrastructure provider that offers a suite of products and services for developers to build, deploy, and scale applications. Their platform provides comprehensive tutorials, reference material, and support documentation to assist users in managing resources effectively using their API and CLI tools. With features like Droplets (virtual machines), managed databases, Kubernetes, and a marketplace for third-party applications, DigitalOcean focuses on simplicity and performance. They cater to both individual developers and larger organizations looking for cloud solutions that are easy to implement and manage.

📋 Description

• Propose and implement mitigations and defense-in-depth to threats discovered through threat modeling the virtualization stack (90%) • Provide deep technical expertise in systems architecture, kernel security features and network architecture to build out a threat model for our virtualization stack • Identify the trade-offs of different solutions and recommend the efficient design to achieve both functional goals and security requirements • Collaborate with development teams to implement remediations and defense in-depth to protect DigitalOcean’s customers’ workloads • Cultivate and promote a security culture (10%) • Mentor software engineering teams in security best practices • Help oversee our vulnerability management program

🎯 Requirements

• Deep familiarity with at least one kernel security feature (ex: AppArmor, SELinux, Landlock, etc.) • Capable of assessing and understanding the performance implications of code changes to virtualization stacks (especially in Qemu and KVM) • A record of partnering with internal engineering teams to tackle security problems across an entire stack with empathy and creativity • Ability to clearly communicate security topics and vulnerability classes (e.g. memory corruption, privilege escalation, TOCTOU, etc) and provide actionable direction to product teams • Working knowledge of modern development concepts (virtualized environments, containerization, continuous integration + delivery) • 5+ years of writing systems level code (embedded systems, kernel, assembly or similar) • Experience guiding software teams on secure architecture design • Written code for an embedded system (raspberry pi, arduino, etc) • Experience building or reviewing threat models and ability to craft malicious user, attacker, and abuse/misuse cases • An understanding of patches and mitigations for hardware side-channel attacks • Familiarity with object-oriented and functional programming concepts, particularly with languages such as Go, Rust, or C

🏖️ Benefits

• Competitive salary • Flexible work hours • Paid time off • Professional development opportunities • Employee Assistance Program • Local Employee Meetups • Education reimbursement • Access to LinkedIn Learning courses • Equity compensation options