Senior Application Security Engineer I, Security Platform

Requirements

• Familiarity with technologies such as gRPC, Docker, Prometheus, Kubernetes, HashiCorp Vault, and GitHub Actions.
• Experience with microservice architectures, asynchronous and event-driven processing, and synchronous gRPC/HTTP-based requests.
• Strong analytical, communication, and organizational skills.
• *This job is located in Bengaluru, India
• JR: 2026-7765
• #LI-Hybrid
• Why You'll Like Working for DigitalOcean

Benefits

Additional Information

Dive in and do the best work of your career at DigitalOcean. Journey alongside a strong community of top talent who are relentless in their drive to build the simplest scalable cloud. If you have a growth mindset, naturally like to think big and bold, and are energized by the fast-paced environment of a true industry disruptor, you'll find your place here. We value winning together-while learning, having fun, and making a profound difference for the dreamers and builders in the world. We're looking for an Application Security Engineer who is passionate about partnering with engineers to ensure the safety of new products and features. As a member of the Security Engineering team, you will report to the Manager of Security Engineering. You will drive coordination over our AppSec tooling, e.g. SAST, SCA, to ensure appropriate coverage across the business and drive strategic initiatives with engineering to close gaps. You will collaborate with other security teams and the rest of DigitalOcean to drive secure software design, reduce security risk in the organization, and empower engineers to make informed security decisions. Security at DO means solving incredibly complex problems at a high-scale that have real impact for our customers, our products, and the larger internet community. W hat you'll do: Help drive operations of our deployed AppSec tooling, including SAST, SCA, and secrets management. You will synthesize findings into actionable, impactful priorities and work with engineering teams to close those gaps. We like Semgrep , and believe it accelerates our ability to create guardrails around safe engineering practices. You will add to our growing corpus of custom, internal Semgrep rules. Help accelerate the wider security organization through your secure engineering capabilities. You may build an AI agent to support the Trust & Safety organization or an alert pipeline for the SOC. Design and build internal tooling to provide engineering teams with secure-by-default configurations and libraries. Write robust, resilient, and maintainable software, primarily in Go and Python. You may sometimes work on a frontend. Prioritize the user experience (our customers are internal dev teams) to ensure security's libraries and services are the easiest, fastest way to get work done. What you'll add to DigitalOcean: Required qualifications: 5+ years of experience in software engineering projects with a security focus. We primarily develop in Go, Python, and JavaScript. You are comfortable writing robust code with good test coverage and can point to specific examples of projects you've successfully delivered in the past. Experience building or reviewing threat models and ability to craft malicious user, attacker, and abuse/misuse cases. Working knowledge of hardware and software supply chain security. Understanding of and ability to clearly communicate security topics and vulnerability classes (e.g. OWASP Top Ten). You need to understand why the current project provides security benefits to our engineers. A record of partnering with internal engineering teams to tackle security problems across an entire stack with empathy and creativity. Engineering teams are our partners, not our adversaries.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at digitalocean98? Share your experience