Posted Jul 10, 2026

Senior Product Security Engineer, Secure Design – Kernel and Virtualization

Apply Now →
Job Description: • Propose and implement mitigations and defense-in-depth to threats discovered through threat modeling the virtualization stack (90%) • Provide deep technical expertise in systems architecture, kernel security features and network architecture to build out a threat model for our virtualization stack • Identify the trade-offs of different solutions and recommend the efficient design to achieve both functional goals and security requirements • Collaborate with development teams to implement remediations and defense in-depth to protect DigitalOcean’s customers’ workloads • Cultivate and promote a security culture (10%) • Mentor software engineering teams in security best practices • Help oversee our vulnerability management program Requirements: • Deep familiarity with at least one kernel security feature (ex: AppArmor, SELinux, Landlock, etc.) • Capable of assessing and understanding the performance implications of code changes to virtualization stacks (especially in Qemu and KVM) • A record of partnering with internal engineering teams to tackle security problems across an entire stack with empathy and creativity • Ability to clearly communicate security topics and vulnerability classes (e.g. memory corruption, privilege escalation, TOCTOU, etc) and provide actionable direction to product teams • Working knowledge of modern development concepts (virtualized environments, containerization, continuous integration + delivery) • 5+ years of writing systems level code (embedded systems, kernel, assembly or similar) • Experience guiding software teams on secure architecture design • Written code for an embedded system (raspberry pi, arduino, etc) • Experience building or reviewing threat models and ability to craft malicious user, attacker, and abuse/misuse cases • An understanding of patches and mitigations for hardware side-channel attacks • Familiarity with object-oriented and functional programming concepts, particularly with languages such as Go, Rust, or C Benefits: • Competitive salary • Flexible work hours • Paid time off • Professional development opportunities • Employee Assistance Program • Local Employee Meetups • Education reimbursement • Access to LinkedIn Learning courses • Equity compensation options