Philip Vaccaro

Philip G. Vaccaro

Compute control planes at fleet scale: the product APIs and services that orchestrate VM lifecycle across millions of instances and ~20 global regions, including GPU and AI capacity.

2M+active VMs
500K+users served
56Mrequests/day
~80endpoints owned

Summary

12+ years building business-critical, reliable distributed systems at scale. I own the compute control plane for DigitalOcean's Droplet platform: the product-layer APIs and gRPC services that orchestrate the VM lifecycle of a 2M+ instance fleet across ~20 global regions, including GPU and AI-infrastructure capacity. It's the control layer external customers and internal teams build on, exposed through the public v2 API and services on Kubernetes. This builds on a foundation of writing systems-level C every day in HPC research under Jack Dongarra, where I authored the PAPI powercap component and the runtime power-management techniques that became US Patent 10,817,041 (IEEE HPEC Best Paper Finalist). In between, a staff role at QuSecure where I built the cryptographic-agility control-plane services largely in Rust, down to the Envoy/cgo data plane. I work in Go day-to-day and reach for Rust and C/C++ on systems-level work, and I like owning ambiguous, greenfield problems end-to-end. Stack: Go and Rust on Linux, with gRPC/Protobuf, Kafka, Redis, Envoy, PostgreSQL/CockroachDB, and Prometheus/Grafana.

Experience

DigitalOcean – Droplet Compute / AI Infrastructure

Senior Software Engineer II (IC4)Feb 2025 – Present

  • Own the compute control plane for the Droplet platform: ~80 HTTP and gRPC endpoints across 11 services that orchestrate the VM lifecycle of a multi-tenant fleet of 2M+ active instances across ~20 global regions, with product-layer APIs behind operations like resize, snapshot, rebuild, and teardown. Serves 500K+ users at 650 RPS (56M req/day).
  • Built capacity controls that keep the fleet ahead of demand: proactive quota and capacity-limit signals for enterprise customers (including GPU / AI-infrastructure capacity), surfacing risk before it impacts workloads.
  • Led migration of Droplet infrastructure from direct PostgreSQL/CockroachDB access to a centralized gRPC control plane on Kubernetes, decoupling the control-plane services and improving fleet-wide agility, isolation, and fault-tolerance.
  • Lead P0/P1 incident response across the compute estate: root-cause analysis, postmortems, and metrics-based alerting (Prometheus, Grafana, OpenSearch) that measurably reduced MTTR.

QuSecure – Post-Quantum Cryptography

Senior Staff Software EngineerMar 2024 – Feb 2025

  • Architected and delivered the cryptographic agility control plane enabling seamless post-quantum algorithm migration across distributed network infrastructure; presented architecture and progress directly to executive leadership.
  • Built the underlying gRPC microservices largely in Rust (with Go), handling cryptographic operations at sub-millisecond latency; defined API contracts and code review standards for the services team.
  • Identified and optimized a critical-path query bottleneck, cutting P99 latency by 50% and improving end-to-end system throughput.

QuSecure – Post-Quantum Cryptography

Staff Software EngineerOct 2022 – Mar 2024

  • Stood up the team's first comprehensive monitoring, distributed tracing, and alerting infrastructure, giving the engineering org its first end-to-end view of production system health and reliability.
  • Built end-to-end distributed orchestration: Protocol Buffer schemas, REST and gRPC APIs, and Redis-backed pub/sub event streaming.
  • Developed post-quantum TLS cipher libraries in Go, compiled via cgo and integrated as custom Envoy proxy plugins for transparent L4/L7 cryptographic interception; authored architecture documents and established the team's design review practice.

DigitalOcean – Droplet Compute

Software Engineer (IC2)Sep 2021 – Oct 2022

  • Built event-driven Droplet lifecycle workflows on Apache Kafka, the orchestration path that coordinates high-volume lifecycle operations across the fleet.
  • Designed and built a distributed credential-management service for SSH key lifecycle, with gRPC APIs orchestrating key state across the compute fleet; defined service authentication patterns later adopted as team standards.
Earlier experience (2013 – 2021)

A mix of contract, consulting, and product roles, between research stints and before joining DigitalOcean.

Martin Federal Consulting – on contract to Oak Ridge National Laboratory

Software Engineer2018 – 2021

  • Built Java REST APIs and data models for ORNL research systems, supporting national-laboratory scientific computing infrastructure.

Jewelry Television – e-commerce platform

Software Engineer2018 – 2021

  • Developed Java microservices and ETL pipelines powering the JTV e-commerce backend.

General Commission · Data Tapestry

Software Engineer2018 – 2021

  • Built distributed transaction systems in Python on a NATS event bus, plus Go REST API services.

Siemens Corporate Research & Molecular Imaging

Software EngineerMar 2013 – Jun 2015

  • Developed C++ libraries for real-time medical image processing; automated upgrade of 250+ imaging systems.

Selected Work

Research

Graduate Research Assistant – Innovative Computing Laboratory, UT KnoxvilleAug 2015 – Apr 2018

  • Advisor: Prof. Jack Dongarra. Wrote systems-level C daily, authoring the PAPI powercap component (runtime power measurement and capping over the Linux powercap/RAPL interfaces) and researching power optimization for HPC workloads. This work became US Patent 10,817,041.

Co-op – Sandia National LaboratoriesJan 2016 – Jun 2016

  • Developed C library for processing multi-rate FPGA sensor and telemetry data in the TITANS program.

Education

University of Tennessee, Knoxville

M.S. Computer Science, 2018  ·  B.S. Computer Science, 2014 (Cum Laude)

Thesis: Power-cognizant Computing