Staff Security Engineer, Proactive Security

At DoorDash we’re building the industry’s most scalable and reliable delivery network to support our three-sided marketplace of consumers, merchants, and Dashers. Security is paramount to the success of our business, and DoorDash Security aspires to be the world’s most admired security team. We are committed to building the world's most trusted on-demand, logistics engine for delivery! We're expanding our team of great minds to help us secure and maintain a 24x7, no downtime, global infrastructure system that powers DoorDash’s multi-sided marketplace of consumers, merchants, and drivers.

Our Security Engineering team is looking for a Staff Security Engineer to lead threat modeling, hardening and operation of security services within DoorDash’s Product and Cloud Security domains. You will be a part of our inclusive, collaborative global team responsible for building “paved paths” to ensure a safe, reliable and resilient delivery network. This is a US or Canada remote position reporting directly to the Manager of our Security Engineering team. 

• Threat model, design, harden, and operationalize Product and Cloud Security services and controls at DoorDash scale.
• Define, document and implement security standards, guidelines and procedures to design and implement automated security controls and remediation tools with rigor and developer ergonomics.
• Partner cross-functionally with Core Infrastructure, Product Engineering, Legal, Security teams and Vendor Partners to build “paved paths” that provide actionable feedback to embed secure design practices into the product and infrastructure development process.
• Lead the technical direction and roadmap execution for your assigned area of ownership. 
• Build and maintain high Operational Excellence (OE) to ensure we operate services with excellence, rigor and durable standards to ensure minimal downtime.
• Participate in on-call rotation and promptly respond to on-call events with urgency and rigor.
• Manage the lifecycle of product and cloud security vulnerabilities, from identification, triage, and drive remediation, reporting and metrics.
• Influence and enable the secure and responsible adoption of LLMs and AI tools.
• Mentor and coach earlier career engineers, setting high standards for Operational Excellence and Security Engineering.

• You have 8+ years as a security engineer in product or infrastructure security, with deep hands-on AWS expertise across identity, IAM, SSO, and infrastructure hardening. You can point to specific projects you personally delivered at the service level (GCP experience is a plus).
• You write production-quality automation and tooling daily, with hands-on AI experimentation applied to cloud security problems. 
• You're proficient in Python or other languages like Golang, and strong with IaC tooling like Terraform.
• You've driven foundational improvements to a company's infrastructure security posture and brought breadth across security and infrastructure in large production environments, including CI/CD pipelines for automated control enforcement.
• You have a deep understanding of OWASP Top 10, distributed systems security and design, and can analyze code, architecture, and designs from a security perspective.
• You solve complex, systemic problems with creative thinking, bring exceptional analytical and investigative abilities with hands-on root cause analysis experience, and communicate clearly in writing and conversation with engineering partners on design docs and architecture reviews.

Notice to Applicants for Jobs Located in NYC or Remote Jobs Associated With Office in NYC Only

We used Covey as part of our hiring and/or promotional process for jobs in NYC and certain features may qualify it as an AEDT in NYC. As part of the hiring and/or promotion process, we provided Covey with job requirements and candidate submitted applications. We began using Covey Scout for Inbound from August 21, 2023, through December 21, 2023.  We resumed using Covey Scout for Inbound again on June 29, 2024, and ceased using Covey Scout for Inbound on April 30, 2026.

The Covey tool has been reviewed by an independent auditor. Results of the audit may be viewed here: https://getcovey.com/nyc-local-law-144.