Staff Security Program Manager

About The Team

At DoorDash, we’re building the industry’s most scalable and reliable delivery network to support our three-sided marketplace of consumers, merchants, and Dashers. Security is integral to the success of the business, as we secure the data and protect the privacy of our business and various stakeholders. The Security Program Management team spans several capabilities, partnering closely with cross-functional security engineering teams to implement robust security solutions, drive the adoption of secure platforms, and systematically reduce organizational risk.

About The Role

Our team is looking for a Staff Security Program Manager who will be responsible for helping drive our most important security-wide initiatives. Programs will require a strong technical security background, strong cross-organization coordination, stakeholder management, and ownership of results. You will report into the leader of the Security Program Management team.

You’re Excited About This Opportunity Because You Will…

• Design, lead, and execute strategic security programs to mitigate security risks and achieve key security objectives.
• Establish the vision, strategy, technical direction, and success metrics for our security teams.
• Convert insights from DoorDash’s security programs (Threat Defense, Offensive Security, Security Engineering, GRC, Enterprise Security, etc.) and assessments into actionable security programs and large-scale initiatives.
• Collaborate and lead security engineers across various disciplines to integrate and operationalize security controls, promoting widespread adoption of secure solutions and best practices across the organization.
• Establish clear, measurable metrics to demonstrate and track the performance and impact of our security programs and initiatives.
• Manage all stakeholder expectations from leadership to individual teams, possess strong problem-solving and negotiation skills, and earn the trust of partners and teams.
• Lead full life cycle security tool proof-of-concepts.
• Identify and deliver solutions to optimize or automate manual and inefficient processes.
• Coordinate with cross-functional teams, internally and externally, on driving forward security objectives.

We’re Excited About You Because…

• You demonstrate technical security depth within multiple domains. You will develop a full understanding of our technical stack and interdependencies, allowing you to meaningfully contribute to security design decisions and review of RFCs.
• You can deeply and confidently speak to security engineering, system architecture, scalability, and reliability decisions, and design trade-offs.
• You have proven experience independently managing complex security programs and projects, identifying and driving technical solutions, leveraging technical judgment and leadership skills to determine the appropriate course of action based on priority and impact.
• You have a deep understanding of at least two security engineering domains like Identity and Access Management, Security Operations, Detection, Response, Threat Intelligence, Offensive Security, Sec DevOps, Security Risk Management, Security Architecture and Engineering, Network Security, etc.
• You’re a strong leader with the ability to collaborate and build relationships across organizations, bridge gaps between teams, and successfully influence without authority.
• You have strong ownership, urgency, autonomy, and drive. You are willing to roll up your sleeves and dive into the details to understand and drive your programs.
• You have excellent written & verbal communication skills with the ability to communicate security priorities with confidence, clarity, and focus. You can convey concepts and considerations to non-experts and experts alike.
• You have experience driving adoption of security platforms and technologies in large-scale environments.
• You are pragmatic and detailed in your approach and focus on progress, not perfection.
• Must be comfortable regularly exercising discretion and independent judgment in performing job duties, including evaluating options, making informed decisions, and determining appropriate courses of action within the scope of assigned responsibilities.

Qualifications

• 8+ years of experience in the field of security program management or a related security role.
• Bachelor of Science in Computer Science, Security Engineering, Information Systems, or equivalent years of experience in a related technical field.
• Expertise with cloud-based services and infrastructure (AWS, Google Workspace, Google Cloud, etc.).
• Proficiency in SQL data analysis, Python coding, and other automation tooling.
• Project planning and execution skills that include JIRA experience, reviewing technical design documents, security controls, estimating, and scheduling.

Key skills/competency

• Security Program Management
• Risk Mitigation
• Security Engineering
• Cloud Security (AWS, Google Cloud)
• Technical Leadership
• Stakeholder Management
• Python & SQL
• JIRA
• Identity and Access Management
• Security Architecture