Sr. Security Compliance Specialist

About the Role

The role is part of a dynamic team that is passionate about building a secure and compliant infrastructure that powers DoorDash's multi-sided marketplace. You will report to the Security Compliance Manager and work closely with cross-functional stakeholders to embed measurable and scalable compliance processes across the business.

In this position, you will have the opportunity to contribute to the development of policies, standards, and control design, helping to shape and mature the global compliance program. Your deep understanding of audit and assurance expertise, combined with your ability to operate hands-on and influence program direction, will make you an invaluable asset to the team.

What You Will Do

• Lead the end-to-end execution of internal and external audits, including SOC 1, SOC 2, and PCI DSS, from planning through to reporting.
• Act as the primary point of contact for auditors, coordinating stakeholders and ensuring high-quality, consistent evidence.
• Establish and improve audit readiness processes to reduce disruption and increase efficiency.
• Drive tracking and remediation of audit findings, ensuring issues are resolved sustainably.
• Partner with the Security Compliance Manager to shape and mature the global compliance program.
• Contribute to the design and improvement of control frameworks, ensuring controls are scalable, testable, and aligned to business operations.
• Identify opportunities to improve efficiency and effectiveness across compliance and audit processes, including leveraging automation to streamline evidence collection, control testing, and reporting.
• Support the development and refinement of security policies, standards, and guidance.
• Contribute to compliance awareness and training initiatives, particularly in areas tied to audit findings and control gaps.
• Ensure policies are actionable, testable, and aligned to real-world controls.
• Define and track key compliance and audit metrics, such as control effectiveness, audit findings, and remediation timelines.

What We Are Looking For

• 7+ years of experience in security compliance, GRC, or technology risk, with a strong track record in high-growth, technology-driven, or regulated environments.
• Significant experience leading external audits, including acting as a primary contact for auditors and managing audit lifecycles end-to-end.
• Proven ability to drive readiness and manage the full audit lifecycle, including planning, evidence collection, control testing, and remediation tracking.
• Strong experience implementing and assessing controls across common frameworks such as PCI DSS, SOC 2, ISO 27001, and NIST CSF.
• Demonstrated ability to identify control gaps, assess risk, and drive remediation in partnership with cross-functional stakeholders.
• Experience developing, implementing, or improving security policies, standards, and procedures, ensuring they are practical and aligned to real-world controls.
• Strong understanding of compliance metrics and reporting, with the ability to track control effectiveness, audit outcomes, and risk exposure.
• Ability to influence and drive accountability across technical and non-technical stakeholders without direct authority.
• Excellent verbal and written communication skills, with the ability to translate complex compliance requirements into clear, actionable guidance.

Nice to Have

• Experience with Excel and other data analysis tools.
• Knowledge of emerging trends and technologies in the field of security compliance.
• Certification in a relevant field, such as CISA, CISM, or CISSP.
• Experience working in a fast-paced, dynamic environment with multiple priorities and deadlines.

Benefits and Perks

• Flexible and remote work arrangements, allowing you to work from anywhere.
• Opportunity to be part of a growing and innovative company that is shaping the future of on-demand logistics.
• Competitive compensation package, including salary and benefits.
• Comprehensive health insurance, including medical, dental, and vision.
• Generous PTO policy, allowing you to take time off to recharge and relax.
• Access to professional development opportunities, including training and education programs.
• Collaborative and dynamic work environment, with a team of passionate and talented professionals.

• When applying, make sure to highlight your experience with security compliance frameworks and your ability to lead audits.
• Use tools like Excel to organize and analyze data, and be prepared to provide examples of your work.
• Show a deep understanding of compliance metrics and reporting, and be able to track control effectiveness and audit outcomes.
• Demonstrate your ability to influence and drive accountability across technical and non-technical stakeholders without direct authority.
• Be prepared to provide examples of your experience with security policies, standards, and procedures, and how you have contributed to their development and refinement.
• Show a willingness to learn and adapt to new technologies and trends in the field of security compliance.
• Be prepared to discuss your experience with compliance awareness and training initiatives, and how you have contributed to their development and implementation.