Staff Security Engineer, Proactive Security

DoorDash · Remote (Flexible / Remote)
Software Development
WFA Digital Insight

As the demand for skilled security engineers continues to rise, with a 25% growth in job postings in the last year, candidates with expertise in cloud security and infrastructure are in high demand. With the increasing importance of security in the digital landscape, DoorDash's commitment to building a trusted on-demand logistics engine makes this role particularly compelling. DoorDash's proactive approach to security, aiming to be the world's most admired security team, sets it apart. Before applying, candidates should be aware of the need for deep technical expertise, excellent communication skills, and the ability to lead and collaborate effectively in a remote environment.

Job Description

About the Role

The Staff Security Engineer, Proactive Security, plays a pivotal role in DoorDash's mission to build the industry's most scalable and reliable delivery network. As part of the Security Engineering team, this position is responsible for leading the threat modeling, hardening, and operation of security services within DoorDash's Product and Cloud Security domains. The role is integral to ensuring the success of DoorDash's three-sided marketplace of consumers, merchants, and Dashers. This is a remote position, offering the flexibility to work from anywhere in the US or Canada, and will report directly to the Manager of the Security Engineering team.

Security is paramount to DoorDash's success, and the company aspires to be the world's most admired security team. This role contributes directly to that aspiration by building and maintaining the security services and controls that protect DoorDash's global infrastructure system. The ideal candidate will have a passion for security, a collaborative mindset, and the technical expertise to lead and innovate in the field of cloud security.

The role of a Staff Security Engineer, Proactive Security, is complex and multifaceted, requiring a deep understanding of security principles, cloud infrastructure, and the ability to design and implement automated security controls. It demands a strong technical background, excellent communication skills, and the ability to work effectively in a cross-functional team environment. This position is about making a significant impact on the security posture of DoorDash and contributing to the company's mission of delivering excellence.

What You Will Do

  • Threat model, design, harden, and operationalize Product and Cloud Security services and controls at DoorDash scale.
  • Define, document, and implement security standards, guidelines, and procedures to design and implement automated security controls and remediation tools with rigor and developer ergonomics.
  • Partner cross-functionally with Core Infrastructure, Product Engineering, Legal, Security teams, and Vendor Partners to build 'paved paths' that provide actionable feedback to embed secure design practices into the product and infrastructure development process.
  • Lead the technical direction and roadmap execution for your assigned area of ownership.
  • Build and maintain high Operational Excellence (OE) so that services run with rigor, durable standards, and minimal downtime.
  • Participate in on-call rotation and promptly respond to on-call events with urgency and rigor.
  • Manage the lifecycle of product and cloud security vulnerabilities, from identification and triage through driving remediation, reporting, and metrics.
  • Influence and enable the secure and responsible adoption of LLMs and AI tools.
  • Mentor and coach earlier career engineers, setting high standards for Operational Excellence and Security Engineering.
  • Collaborate with various teams to ensure alignment and effective implementation of security practices across the organization.
  • Stay up-to-date with the latest security trends, threats, and technologies, applying this knowledge to continuously improve DoorDash's security posture.

What We Are Looking For

  • 8+ years of experience as a security engineer in a product security or infrastructure security discipline.
  • Demonstrated track record of driving foundational improvements to a company's infrastructure security posture.
  • Breadth of technical experience across various infrastructure and security areas running in large production environments.
  • Deep understanding of each OWASP Top 10 vulnerability, distributed systems security, and design.
  • Experience in CI/CD pipelines to automate security control enforcement and testing.
  • Proficiency in analyzing code, architecture, and designs from a security perspective.
  • Well-versed with scripting languages (e.g., Python) and other programming languages (e.g., Java).
  • Golang experience is a plus.
  • Strong experience with infrastructure-as-code tooling like Terraform.
  • Expertise with cloud infrastructure and management in GCP and AWS.
  • Experience solving complex, systemic issues that require creative thinking and solutions.
  • Exceptional analytical and investigative abilities with hands-on experience leading root cause analysis.
  • Excellent verbal and written communication skills, with the ability to understand and review design documents with respect to cloud infrastructure with engineering personnel.

Nice to Have

  • Experience with security compliance frameworks and standards.
  • Knowledge of containerization and orchestration technologies (e.g., Docker, Kubernetes).
  • Familiarity with security testing and vulnerability assessment tools.
  • Certification in security (e.g., CISSP, CISM) or cloud platforms (e.g., AWS Certified Security - Specialty).

Benefits and Perks

  • Competitive salary and bonus structure.
  • Comprehensive health insurance package.
  • Flexible PTO policy and holidays.
  • Remote work stipend to support your home office setup.
  • Professional development opportunities, including training and conference sponsorships.
  • Access to the latest technologies and tools in cloud security and infrastructure.
  • Collaboration with a talented team of security professionals.
  • Opportunity to make a significant impact on the security posture of a leading tech company.

How to Stand Out

  • Develop a deep understanding of cloud security platforms, particularly GCP and AWS, to stand out in your application.
  • Highlight your experience with automation and scripting, especially with tools like Terraform, to demonstrate your ability to operationalize security controls.
  • Prepare to discuss your approach to threat modeling and vulnerability management, showcasing your analytical and problem-solving skills.
  • Showcase your ability to communicate complex technical concepts to both technical and non-technical stakeholders, a critical skill for success in this role.
  • Be ready to provide examples of your experience with CI/CD pipelines and security testing, illustrating your proficiency in integrating security into the development lifecycle.
  • Emphasize your collaborative mindset and experience working in cross-functional teams, as this role requires effective partnership with various stakeholders.
  • Keep your portfolio and certifications up-to-date, ensuring you have the latest security certifications and a portfolio that demonstrates your expertise in cloud security and infrastructure.

This is a remote position listed on WFA Digital, the platform for professionals who work from anywhere.