ExecutivePlacements.com
Senior Network Security Engineer
ExecutivePlacements.com, San Francisco, California, United States, 94199
Dive in and do the best work of your career at DigitalOcean. Journey alongside a strong community of top talent who are relentless in their drive to build the simplest scalable cloud. If you have a growth mindset, naturally like to think big and bold, and are energized by the fast-paced environment of a true industry disruptor, you’ll find your place here. We value winning together while learning, having fun, and making a profound difference for the dreamers and builders in the world.
We are looking for a Senior Network Security Engineer who is passionate about DDoS mitigation technologies and network resilience. As a Senior Network Security Engineer at DigitalOcean, you will join a dynamic team dedicated to revolutionizing cloud computing and AI. You will serve as the DDoS Security Platform & Network Specialist, in charge of the DDoS platform, ensuring our infrastructure remains robust against evolving threats while supporting the protection of our critical services.
What You’ll Do
Define Security Baselines: Establish baseline traffic patterns, define DDoS detection thresholds, and conduct simulated DDoS attack scenarios to validate protection capabilities.
Integration & Documentation: Integrate with existing security infrastructure (SIEM, SOC tools), document configuration and findings, and provide recommendations for production deployment.
Network Infrastructure Support: Configure and maintain network devices (routers, switches, firewalls) and troubleshoot network connectivity and performance issues.
Traffic & Capacity Management: Monitor network traffic patterns and bandwidth utilization, assist with capacity planning, and implement network segmentation and access control policies.
Vendor Relations: Cultivate and maintain strong partnerships with existing and new network security vendors to ensure comprehensive security coverage.
Key Metrics
Security Posture: Reduction in the number of critical security vulnerabilities identified and remediation time for high-priority threats, particularly DDoS attack vectors.
Incident Response: Decrease in the Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR) for security incidents, especially those related to volumetric and application-layer DDoS attacks.
Enablement: Enable cross-functional teams with strong DDoS mitigation strategies and best network security practices to enhance the overall security posture of the network.
What You’ll Add to DigitalOcean
DDoS Mitigation Expertise: 3+ years of hands‑on experience with DDoS protection platforms (Corero, Arbor, Radware, or similar), including a deep understanding of attack vectors and NetFlow Flow analysis.
Network Proficiency: Strong expertise in TCP/IP, BGP, OSPF, VLANs, and network architecture, combined with proficiency in enterprise networking equipment (Cisco, Juniper, Arista, or similar).
Traffic Analysis: Experience with packet capture and analysis tools such as Wireshark and tcpdump.
Preferred Experience: Previous Corero SmartWall deployment or administration, experience with cloud-based DDoS protection services, and familiarity with SDN (Software‑Defined Networking) concepts.
Advanced Routing Knowledge: Knowledge of BGP Flowspec and RTBH (Remotely Triggered Black Hole) routing.
Certifications: CCNP Security or equivalent; CISSP, GIAC, or other relevant security certifications are preferred.
Compensation Range
$137,000 - $171,000
#J-18808-Ljbffr
We are looking for a Senior Network Security Engineer who is passionate about DDoS mitigation technologies and network resilience. As a Senior Network Security Engineer at DigitalOcean, you will join a dynamic team dedicated to revolutionizing cloud computing and AI. You will serve as the DDoS Security Platform & Network Specialist, in charge of the DDoS platform, ensuring our infrastructure remains robust against evolving threats while supporting the protection of our critical services.
What You’ll Do
Define Security Baselines: Establish baseline traffic patterns, define DDoS detection thresholds, and conduct simulated DDoS attack scenarios to validate protection capabilities.
Integration & Documentation: Integrate with existing security infrastructure (SIEM, SOC tools), document configuration and findings, and provide recommendations for production deployment.
Network Infrastructure Support: Configure and maintain network devices (routers, switches, firewalls) and troubleshoot network connectivity and performance issues.
Traffic & Capacity Management: Monitor network traffic patterns and bandwidth utilization, assist with capacity planning, and implement network segmentation and access control policies.
Vendor Relations: Cultivate and maintain strong partnerships with existing and new network security vendors to ensure comprehensive security coverage.
Key Metrics
Security Posture: Reduction in the number of critical security vulnerabilities identified and remediation time for high-priority threats, particularly DDoS attack vectors.
Incident Response: Decrease in the Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR) for security incidents, especially those related to volumetric and application-layer DDoS attacks.
Enablement: Enable cross-functional teams with strong DDoS mitigation strategies and best network security practices to enhance the overall security posture of the network.
What You’ll Add to DigitalOcean
DDoS Mitigation Expertise: 3+ years of hands‑on experience with DDoS protection platforms (Corero, Arbor, Radware, or similar), including a deep understanding of attack vectors and NetFlow Flow analysis.
Network Proficiency: Strong expertise in TCP/IP, BGP, OSPF, VLANs, and network architecture, combined with proficiency in enterprise networking equipment (Cisco, Juniper, Arista, or similar).
Traffic Analysis: Experience with packet capture and analysis tools such as Wireshark and tcpdump.
Preferred Experience: Previous Corero SmartWall deployment or administration, experience with cloud-based DDoS protection services, and familiarity with SDN (Software‑Defined Networking) concepts.
Advanced Routing Knowledge: Knowledge of BGP Flowspec and RTBH (Remotely Triggered Black Hole) routing.
Certifications: CCNP Security or equivalent; CISSP, GIAC, or other relevant security certifications are preferred.
Compensation Range
$137,000 - $171,000
#J-18808-Ljbffr