Senior Application Security Engineer I, Security Platform - DigitalOcean

Key Responsibilities

• Partner with product and engineering teams to embed security throughout the software development lifecycle for cloud services.
• Conduct threat modeling, security architecture reviews, and secure code reviews for new features and major changes.
• Design, implement, and maintain automated security testing pipelines (SAST, DAST, container scanning) within CI/CD workflows.
• Develop security guidelines, best‑practice documentation, and training materials to elevate the security posture of development teams.
• Respond to security incidents, perform root‑cause analysis, and drive remediation efforts.

Requirements

• 5+ years of experience in application security, preferably in a cloud‑native environment.
• Strong knowledge of threat modeling methodologies, secure coding practices, and common vulnerabilities (OWASP Top 10).
• Hands‑on experience with security tooling such as static and dynamic analysis, container security, and infrastructure‑as‑code scanning.
• Proficiency in at least one programming language (e.g., Python, Go, Java) and scripting for automation.
• Excellent communication skills and a collaborative mindset to work effectively with cross‑functional engineering teams.