Philip Vaccaro

Philip G. Vaccaro

Distributed backend platforms — public APIs, control planes, and the identity & cryptography layer at fleet scale.

2M+active Droplets
500K+users served
56Mrequests/day
~80endpoints owned

Summary

12+ years designing, building, and operating highly available distributed backend systems at scale. Currently own the public v2 API and gRPC microservices for DigitalOcean's Droplet compute platform — a multi-tenant cloud serving 2M+ active instances and 500K+ users. Previously staff-level at QuSecure, where I architected the cryptographic agility control plane and built sub-millisecond gRPC services for the production data plane. Stack: Go, Java, Rust on Kubernetes, with gRPC/Protobuf, Kafka, Redis, Envoy, PostgreSQL/CockroachDB, and a full Prometheus/Grafana/OpenSearch observability layer.

Experience

DigitalOcean — Droplet Compute / AI Infrastructure

Senior Software Engineer II (IC4)Feb 2025 — Present

  • Own ~80 HTTP and gRPC endpoints across 11 services on the Droplet compute platform, sustaining 650 RPS (56M req/day) for a multi-tenant fleet of 2M+ active compute instances and 500K+ users across the public v2 API and control panel surfaces.
  • Led migration of Droplet infrastructure from direct PostgreSQL/CockroachDB access to centralized gRPC microservices on Kubernetes, decoupling the distributed compute control plane and improving service isolation across the fleet.
  • Shipped customer-facing observability for top-tier enterprise customers approaching Droplet and GPU quota limits — Prometheus metrics and alerting that proactively surface capacity risk before it impacts customer workloads.
  • Drove fleet-wide mTLS enforcement, automated credential rotation, and service-to-service identity & authentication abstractions across the production microservices estate — remediating security audit findings and establishing standards adopted by adjacent teams.

QuSecure — Post-Quantum Cryptography

Senior Staff Software EngineerMar 2024 — Feb 2025

  • Architected and delivered the cryptographic agility control plane enabling seamless post-quantum algorithm migration across distributed network infrastructure; presented architecture and progress directly to executive leadership.
  • Built Go and Rust gRPC microservices handling cryptographic operations at sub-millisecond latency; defined API contracts and code review standards for the services team.
  • Identified and optimized a critical-path query bottleneck, cutting P99 latency by 50% and improving end-to-end system throughput.

QuSecure — Post-Quantum Cryptography

Staff Software EngineerOct 2022 — Mar 2024

  • Developed post-quantum TLS cipher libraries in Go, compiled to shared libraries via cgo and integrated as custom Envoy proxy plugins for transparent cryptographic interception of L4/L7 network traffic — putting PQ-safe TLS into the data plane without application changes.
  • Built end-to-end distributed orchestration: Protocol Buffer schemas, REST and gRPC APIs, Redis-backed pub/sub event streaming, and the team's first comprehensive monitoring, distributed tracing, and alerting infrastructure.
  • Authored architecture documents and led design reviews, establishing the team's design review practice and mentoring engineers on review standards.

DigitalOcean — Droplet Compute

Software Engineer (IC2)Sep 2021 — Oct 2022

  • Implemented event-driven Droplet compute lifecycle workflows on Apache Kafka, improving throughput and reliability of high-volume compute provisioning across the fleet.
  • Designed and built a distributed credential-management service for SSH key lifecycle, with gRPC APIs orchestrating key state across the compute fleet; defined service authentication patterns later adopted as team standards.
Earlier experience (2013 — 2021)

A mix of contract, consulting, and product roles — between research stints and before joining DigitalOcean.

Martin Federal Consulting — on contract to Oak Ridge National Laboratory

Software Engineer2018 — 2021

  • Built Java REST APIs and data models for ORNL research systems, supporting national-laboratory scientific computing infrastructure.

Jewelry Television — e-commerce platform

Software Engineer2018 — 2021

  • Developed Java microservices and ETL pipelines powering the JTV e-commerce backend.

General Commission · Data Tapestry

Software Engineer2018 — 2021

  • Built distributed transaction systems in Python on a NATS event bus, plus Go REST API services.

Siemens Corporate Research & Molecular Imaging

Software EngineerMar 2013 — Jun 2015

  • Developed C++ libraries for real-time medical image processing; automated upgrade of 250+ imaging systems.

Selected Work

Research

Graduate Research Assistant — Innovative Computing Laboratory, UT KnoxvilleAug 2015 — Apr 2018

  • Advisor: Prof. Jack Dongarra. Contributed the PAPI powercap component (above) and researched runtime power optimization in HPC environments.

Co-op — Sandia National LaboratoriesJan 2016 — Jun 2016

  • Developed C library for processing multi-rate FPGA sensor and telemetry data in the TITANS program.

Education

University of Tennessee, Knoxville

M.S. Computer Science, 2018  ·  B.S. Computer Science, 2014 (Cum Laude)

Thesis: Power-cognizant Computing