Own the Platform Vision: Define and drive the multi-year technical roadmap for Audit Logging, SIEM Integration, and Unified Security Visibility - spanning event collection, normalization, enrichment, storage, and customer-facing exposure across DigitalOcean's global cloud platform.
Architect for Hyperscale: Design fault-tolerant, high-throughput audit and telemetry pipelines in Go capable of ingesting and processing billions of security events per day with guaranteed delivery, low latency, and full auditability.
Build Unified Security Visibility: Architect the Unified Security Dashboard and control plane that aggregates signals from threat detection, IAM, network security, and workload protection into a single coherent customer-facing security posture view.
Drive SIEM Integration: Design and deliver first-class integrations with leading SIEM platforms (Splunk, Datadog, Chronicle, Microsoft Sentinel) via standardized log export, streaming APIs, and webhook frameworks - enabling customers to bring their own observability stack without friction.
Drive Cross-Team Impact: Partner with IAM, Threat Detection, DOKS, Billing, and Platform Engineering to ensure that every product surface emits structured, consistent, high-fidelity security telemetry. Serve as the connective tissue between the security data plane and the broader cloud platform.
Set Engineering Standards: Establish logging schema standards, event taxonomy, and observability engineering practices adopted org-wide. Lead design reviews for changes with cross-cutting platform risk and author RFCs that shape DigitalOcean's technical direction.
Mentor & Grow the Organization: Mentor and develop senior and mid-level engineers across Security Products and adjacent teams. Conduct deep code reviews, model architectural thinking, and build a culture of security-first, observability-native engineering.
What You'll Add to DigitalOcean
Core Experience: You possess over 10 years of software engineering expertise, including 4+ years dedicated to audit logging, security telemetry, SIEM integration, or managing high-throughput data pipelines within cloud or IaaS ecosystems.
Language & Architecture: You are an expert in Go and have extensive experience designing gRPC-based microservices.
Streaming Systems: You have deep, hands-on knowledge of Apache Flink, Apache Kafka, or similar high-volume stream processing frameworks, with a focus on exactly-once semantics, durability, and ordering guarantees.
Security Observability: You have a proven history of developing security visibility platforms, such as unified control planes, security dashboards, or complex SIEM integrations across diverse cloud environments.
Compliance & Distributed Systems: You understand audit requirements for frameworks like SOC 2, ISO 27001, FedRAMP, and PCI-DSS. You can build large-scale systems handling replication, consensus, and partitioning with high reliability.
Cloud-Native Stack: You are proficient with Kubernetes, Terraform (IaC), SQL (MySQL), and analytical or columnar data stores.
Leadership
Benefits
Vision insurancePaid time off
Additional Information
Dive in and do the best work of your career at DigitalOcean. Journey alongside a strong community of top talent who are relentless in their drive to build the simplest scalable cloud. If you have a growth mindset, naturally like to think big and bold, and are energized by the fast-paced environment of a true industry disruptor, you'll find your place here. We value winning together-while learning, having fun, and making a profound difference for the dreamers and builders in the world.
We are seeking a Principal Architect (IC6) to join our Customer Trust & Engineering organization as the technical owner of Audit Logging, SIEM Integration, and Unified Security Visibility. These systems are the eyes and ears of DigitalOcean's security posture - ingesting, normalizing, and surfacing billions of security events across our global, multi-tenant cloud platform so that customers and internal teams can detect threats, investigate incidents, and demonstrate compliance in real time.
As an IC6, you won't just improve existing pipelines - you will define what our audit logging and security visibility platform becomes over the next two to three years, and lead the engineers who build it. You will drive architectural strategy across multiple teams, unify fragmented telemetry into a coherent security data plane, and set the standard for how DigitalOcean thinks about observability and auditability at hyperscale. If you are passionate about distributed systems, high-throughput data pipelines, and building security infrastructure that millions of developers depend on, this is the role for you.
Digitalocean98 · Boston