Staff Security Engineer, Proactive Security

About The Team

At DoorDash, we are committed to building the industry’s most scalable and reliable delivery network. Security is paramount to our success. The DoorDash Security team aims to be the world’s most admired security team, securing our 24x7, no downtime, global infrastructure that powers DoorDash’s multi-sided marketplace.

About The Role

Our Security Engineering team is seeking a Staff Security Engineer, Proactive Security to lead threat modeling, hardening, and operation of security services within DoorDash’s Product and Cloud Security domains. You will join an inclusive, collaborative global team responsible for building “paved paths” to ensure a safe, reliable, and resilient delivery network. This position is remote, open to candidates in the US or Canada, and reports to the Manager of the Security Engineering team.

What You Will Do

• Threat model, design, harden, and operationalize Product and Cloud Security services and controls at DoorDash scale.
• Define, document, and implement security standards, guidelines, and procedures to design and implement automated security controls and remediation tools with rigor and developer ergonomics.
• Partner cross-functionally with Core Infrastructure, Product Engineering, Legal, other Security teams, and Vendor Partners to build “paved paths” that provide actionable feedback to embed secure design practices into the product and infrastructure development process.
• Lead the technical direction and roadmap execution for your assigned area of ownership.
• Build and maintain high Operational Excellence (OE) to ensure services operate with rigor and durable standards, minimizing downtime.
• Participate in on-call rotation and promptly respond to on-call events with urgency and rigor.
• Manage the lifecycle of product and cloud security vulnerabilities, from identification, triage, and driving remediation, reporting, and metrics.
• Influence and enable the secure and responsible adoption of LLMs and AI tools.
• Mentor and coach earlier career engineers, setting high standards for Operational Excellence and Security Engineering.

What We're Looking For

• 8+ years of experience as a security engineer in a product security or infrastructure security discipline.
• A proven track record of driving foundational improvements to a company’s infrastructure security posture.
• Breadth of technical experience across various infrastructure and security areas running in large production environments.
• Deep understanding of each OWASP top 10 vulnerability, distributed systems security, and design.
• Experience in CI/CD pipelines to automate security control enforcement and testing; proficient in analyzing code, architecture, and designs from a security perspective.
• Well versed with scripting languages (e.g., Python) and other programming languages (e.g., Java). Golang experience is a plus.
• Strong experience with infrastructure as code tooling like Terraform.
• Expertise with cloud infrastructure and management in GCP and AWS.
• Experience solving complex, systemic issues that require creative thinking and solutions.
• Exceptional analytical and investigative abilities with hands-on experience leading root cause analysis.
• Excellent verbal and written communication skills – capable of understanding and reviewing design documents with engineering personnel.

Key Skills/Competency

• Threat Modeling
• Cloud Security
• Product Security
• Security Controls Automation
• Vulnerability Management
• CI/CD Security
• Infrastructure as Code (Terraform)
• GCP & AWS
• Python / Java / Golang
• Operational Excellence