Security Engineer, Insider Threat

DoorDash · Remote (Flexible / Remote)
Software Development
Excel

WFA Digital Insight

As the remote job market expands, demand for cybersecurity specialists like insider threat engineers has skyrocketed. With the global cybersecurity market projected to reach $300 billion by 2027, professionals with expertise in threat intelligence and incident response are in high demand. DoorDash, a leader in the food delivery space, is no exception. The company's commitment to protecting its customers, partners, and employees requires a highly skilled security team. With the rise of remote work, insider threats have become a growing concern for companies, making this role both challenging and critical. Before applying, candidates should be aware that a strong background in security operations, threat analysis, and ethical investigations is essential.

Job Description

About the Role

The Security Engineer, Insider Threat role at DoorDash is a critical position focused on identifying, investigating, and mitigating insider threats across the organization. This involves using advanced threat detection tools and techniques to analyze potential security breaches and developing strategies to prevent future incidents. The selected candidate will be part of the Security Operations team, working closely with other security professionals to ensure the highest level of security and compliance.

The role is integral to DoorDash's overall security posture, given the company's extensive network of consumers, merchants, and Dashers. The ability to detect and respond to insider threats in a timely and effective manner is crucial for protecting sensitive data and preventing financial losses.

The Security Engineer will report to the Director, Security Operations, under the Chief Information Security Officer, and will be responsible for collaborating with multiple internal teams, including Legal, HR, and other security teams, to ensure coordinated investigation and response efforts.

What You Will Do

  • Conduct complex investigations into anomalous events and behaviors that may pose a risk to the company
  • Analyze threat intelligence to identify potential insider threats and develop use cases to inform detection capabilities
  • Develop and maintain a use case library to support threat detection and response efforts
  • Create and implement standard operating procedures for investigation and response collaboration between teams
  • Utilize monitoring and detection platforms to identify potential insider risks and develop detections to proactively identify similar behaviors at scale
  • Support the onboarding, implementation, and improvement of custom tooling designed to alert on anomalous behaviors
  • Create and maintain documentation, such as reports and briefings, for leadership and other stakeholders
  • Prepare investigative reports and briefings for leadership
  • Maintain chain of evidence and engage with external law enforcement when required
  • Lead training or other education and awareness opportunities for the enterprise as required
  • Collaborate with cross-functional teams to ensure coordinated investigation and response efforts

What We Are Looking For

  • 2-5+ years of experience in insider threat investigations, incident response, or federal law enforcement
  • Strong verbal and written communication skills with experience presenting findings to stakeholders
  • Experience conducting ethical, complex investigations in partnership with Legal, HR, and cross-functional stakeholders
  • Hands-on experience with insider risk and security tooling, including SIEM/SOAR platforms, UEBA, UAM, and DLP tools
  • Proficiency querying large-scale datasets to support investigations (e.g., SQL) and familiarity with log sources, data pipelines, and parsing
  • Familiarity with scripting and automation, and experience working in cloud and distributed environments using version control
  • Experience with Excel or similar data analysis tools
  • Ability to work in a fast-paced environment and adapt to changing priorities

Nice to Have

  • Experience with cloud security platforms and cloud-based threat detection tools
  • Knowledge of compliance frameworks and regulations, such as GDPR and HIPAA
  • Experience with machine learning or artificial intelligence applications in security
  • Certification in security or a related field (e.g., CISSP, CEH)

Benefits and Perks

  • Competitive base salary
  • Opportunities for equity grants
  • Comprehensive benefits package, including 401(k) plan with employer matching
  • 16 weeks of paid parental leave
  • Flexible working hours and remote work options
  • Access to professional development and training opportunities
  • Recognition and reward programs for outstanding performance
  • DoorDash product discounts and other employee perks

How to Stand Out

  • Develop a strong portfolio showcasing your experience in insider threat investigations and security operations.
  • Highlight your proficiency in tools like SIEM/SOAR platforms, UEBA, UAM, and DLP tools.
  • Prepare to discuss specific examples of complex investigations you've led and how you've implemented threat detection and response strategies.
  • Familiarize yourself with cloud security and compliance frameworks to stand out as a candidate.
  • Be ready to negotiate your salary based on your experience and the market rate for similar positions in the cybersecurity industry.

This is a remote position listed on WFA Digital, the platform for professionals who work from anywhere.