Note: The job is a remote job and is open to candidates in USA. DigitalOcean is a cutting-edge technology company focused on simplifying cloud and AI. They are seeking a highly experienced Senior Security Analyst to lead their security monitoring program, enhance detection capabilities, and drive continuous improvement in incident response efforts.
Responsibilities
- Lead real-time monitoring, triage, and analysis of complex security events, providing verifiable assessments of threats and incident severity
- Engineer and automate advanced detection use cases across DigitalOcean's cloud and corporate environments, leveraging deep knowledge of adversary TTPs to design and implement scalable alerting solutions
- Develop, track, and report on key metrics for security monitoring effectiveness and incident response performance, using data to drive improvements
- Own and evolve the security monitoring program strategy, ensuring alignment with evolving threat landscapes and business priorities
- Work closely with Infrastructure Security Engineers to identify log sources, integrate, and maintain data pipelines (e.g., log sources, forwarders, parsing, enrichment)
- Perform proactive threat hunting and hypothesis-driven investigations and investigate anomalous activity to uncover hidden or emerging threats within DigitalOcean’s environments
- Mentor and guide lower level analysts, reviewing escalated incidents and providing technical leadership during incident response
- Coordinate threat analysis using historical data and architecture diagrams to identify attack vectors
- Collaborate with multiple teams to close monitoring gaps and improve overall security
- Optimize security tools and processes to reduce false positives, improve detection fidelity, and automate response workflows where appropriate
- Lead the creation and maintenance of detailed playbooks, runbooks, and documentation to standardize detection and response efforts
Skills
- 5+ years of hands-on experience with SIEM platforms and endpoint detection tools, with proven impact on security monitoring programs
- Demonstrated expertise in designing and tuning complex detection rules and alerting logic across diverse environments
- Deep understanding of network and endpoint security, attack methodologies, threat actor tactics, and mitigation strategies
- Experience in proactive threat hunting, vulnerability management, and coordinating with red teams or penetration testers
- Proven leadership in driving security program initiatives, setting metrics, and influencing cross-team security strategy
- Excellent communication skills for technical documentation, incident reporting, and mentoring less experienced analysts
- Proven experience with scripting and query languages (Python, Bash, SQL) to automate detection and response workflows
- Demonstrated proficiency in Linux, Windows, and macOS
- Comfortable working in a fast-paced environment with a collaborative and growth-focused mindset
Benefits
- Reimbursement for relevant conferences, training, and education
- All employees have access to LinkedIn Learning's 10,000+ courses to support their continued growth and development
- Employee Assistance Program
- Local Employee Meetups
- Flexible time off policy
- Bonus in addition to base salary; bonus amounts are determined based on company and individual performance
- Equity compensation to eligible employees, including equity grants upon hire and the option to participate in our Employee Stock Purchase Program
Company Overview
Company H1B Sponsorship