Note: This is a remote job open to candidates in the USA. DigitalOcean is a leading technology company focused on simplifying cloud and AI for builders. They are seeking a Senior Security Engineer I to lead the strategic maturation of their compliance framework, integrating compliance into workflows and ensuring the platform remains trusted for customers.
Responsibilities
- Architect and lead the implementation of an Integrated Management System (IMS) that harmonizes requirements across multiple ISO standards
- Manage cross-functional projects required to achieve and maintain product-level compliance certifications and/or eligibility for DigitalOcean’s core and emerging cloud services
- Lead both annual and ad-hoc risk assessments; maintain a dynamic risk register and drive cross-functional remediation for identified gaps
- Design and implement controls which meet rigorous standards without sacrificing velocity
- Author and maintain enterprise-level security policies, standards, and procedures that reflect current regulatory landscapes, internal risk appetite, and operational engineering realities
- Act as a subject matter expert in GRC on-call rotations, directly address complex customer inquiries, and support incident response activities to ensure compliance obligations are met under pressure
Skills
- 5+ years of experience in GRC, with a proven track record of leading multi-certification and multi-standard compliance programs, preferably at a technology company, where you directly partnered with engineering or infrastructure teams
- Experience building, maturing, and expanding the influence of an ISO program
- Experience in risk identification, various risk assessment methodologies, discerning between appropriate risk responses, and monitoring risk treatment plans
- Comfortable working cross-functionally to interpret ambiguity within new standards (e.g., ISO 42001), regulations, and legislation
- Ability to translate complex legal and regulatory requirements into actionable, testable controls for engineering, product, and IT teams
- Strong project management skills and the ability to manage complex, multi-quarter roadmaps involving dozens of stakeholders
- Relevant industry certifications such as a CRISC or ISO 27001 Lead Implementer
- Familiarity with prominent privacy legislation (e.g., GDPR/CCPA) as it relates to ISO 27701
Benefits
- Reimbursement for relevant conferences, training, and education
- All employees have access to LinkedIn Learning's 10,000+ courses to support their continued growth and development
- Employee Assistance Program
- Local Employee Meetups
- Flexible time off policy
- Bonus in addition to base salary; bonus amounts are determined based on company and individual performance
- Equity compensation to eligible employees, including equity grants upon hire and the option to participate in our Employee Stock Purchase Program
Company Overview
DigitalOcean provides a cloud platform to deploy, manage, and scale applications of any size. It was founded in 2012, and is headquartered in New York, New York, USA, with a workforce of 1001-5000 employees. Its website is http://www.digitalocean.com.
Company H1B Sponsorship
DigitalOcean has a track record of offering H1B sponsorships, with 8 in 2026, 30 in 2025, 8 in 2024, 9 in 2023, 22 in 2022, 11 in 2021, 2 in 2020. Please note that this does not guarantee sponsorship for this specific role.