Engineering Manager, Red Team

About the Role

The Red Team operates across the full adversary simulation lifecycle, from scoping threat-informed engagements to executing realistic attack chains and working with engineering and detection teams to close identified gaps. The team's attack surface is extensive, covering various aspects of DoorDash's operations. As the leader of this team, the Engineering Manager will need to stay technically involved in engagement scoping, methodology, and tooling architecture, while also guiding adversary simulation and driving cross-functional partnerships to ensure that findings are translated into actionable outcomes.

What You Will Do

• Define the Red Team's strategic roadmap, including engagement cadence, target prioritization, and capability development, aligned with DoorDash's threat landscape.
• Lead, coach, and grow a team of offensive security engineers, focusing on technical depth and career development.
• Hire intentionally to fill capability gaps as the team scales, ensuring a diverse range of skills and expertise.
• Stay technically involved in engagement scoping, methodology, and tooling architecture, leveraging expertise in offensive security.
• Guide adversary simulation, ensuring that simulations are realistic and effective in identifying vulnerabilities.
• Drive remediation outcomes cross-functionally, partnering with detection/response, AppSec, infrastructure security, and product engineering to ensure that findings are addressed.
• Build purple team workflows with detection engineering to validate and improve defensive coverage.
• Direct the development of Red Team infrastructure and custom tooling as production-quality software.
• Translate offensive findings into risk language that engineers, VPs, and non-technical stakeholders can understand and act on.
• Design repeatable processes and metrics that communicate the team's value in terms of risk reduction, not just finding count.

What We Are Looking For

• 7+ years of offensive security experience, including red teaming, adversary simulation, and penetration testing, with at least 3 years managing offensive security practitioners.
• Deep, hands-on red team expertise, with fluency in TTPs, attack chains, tradecraft, and tooling.
• Demonstrated player-coach balance between technical depth and management responsibilities.
• Track record of shaping security strategy beyond your own team, influencing engineering, product, or infrastructure organizations to prioritize and act on findings.
• Experience with cloud-native offensive operations, including AWS/GCP, Kubernetes, containerized microservices, and CI/CD pipelines.
• Strong cross-functional influence, with the ability to convince engineering VPs to allocate sprint capacity for remediation and communicate the value of a red team in terms of risk reduction.
• People-first leadership, with a focus on coaching, career development, and honest feedback.

Nice to Have

• Experience operating red teams at a marketplace, fintech, or logistics company at scale.
• Background in building or directing custom offensive tooling and C2 infrastructure.
• Purple team experience, with collaborative detection validation with blue team/DFIR partners.
• Familiarity with threat intelligence-driven engagement scoping, mapping real adversary TTPs to organizational attack surface.
• Relevant certifications, such as OSCP, OSCE, GXPN, CRTO, CRTL, or similar.

Benefits and Perks

• Flexible/remote work arrangement, allowing for work-life balance and flexibility.
• Opportunity to work with a leading company in the food delivery and logistics space.
• Collaborative and dynamic work environment, with a focus on innovation and security.
• Professional development opportunities, including training and certification programs.
• Competitive compensation package, with potential for equity and bonuses.
• Comprehensive health insurance, including medical, dental, and vision coverage.
• Generous PTO and sick leave policy, ensuring time for rest and relaxation.
• Remote stipend, to support remote work setup and productivity.

• To stand out, highlight specific examples of your experience with cloud-native offensive operations and your ability to lead and grow a team of engineers.
• Make sure your resume and cover letter are tailored to the role, emphasizing your technical expertise and leadership skills.
• Prepare to discuss your experience with engagement scoping, methodology, and tooling architecture, as well as your approach to driving remediation outcomes.
• Be ready to provide examples of how you have influenced security strategy beyond your own team and communicated complex technical information to non-technical stakeholders.
• Show enthusiasm for the company's mission and commitment to security, and be prepared to discuss how you can contribute to DoorDash's success in this role.
• Don't underestimate the importance of soft skills, such as communication and leadership, in a technical role like this. Be prepared to discuss your approach to leadership and team management.