Senior Threat Response Engineer, Security Operations
About The Position
At DoorDash we’re building the industry’s most scalable and reliable delivery network to support our three-sided marketplace of consumers, merchants, and Dashers. Security is integral to the success of the business, as we secure the data and protect the privacy of our business and various stakeholders. The Security Operations team spans several capabilities, to include Threat Response, Detection Engineering, Corporate Security, and Security Platform Engineering. Our Mission is to create a secure DoorDash environment through proactive threat preparation and rapid response. We are committed to protecting our people, partners, customers, and technologies with robust safeguards and unwavering vigilance. The Threat Response Engineer, Security Operations will be responsible for conducting investigations and response operations across the incident response life-cycle to mitigate threats to DoorDash. This is a critical role that will work closely with cross functional partners to analyze threats, build and execute response playbooks, and strengthen the DoorDash security posture through proactive mitigating controls. The Threat Response Engineer will be part of a follow-the-sun 24x7 model and conduct handover to both US-based and International teams. Preference is for this position to be in the East Coast, US or Hawaii, US. On call and weekend availability will be required.
Requirements
- 5+ years of experience in Incident Response, Threat Hunt, and/or Security Operations.
- Experience working with Global partners in a follow-the-sun model
- Experience with a broad range of technologies including endpoint detection and network technologies, and SOAR/SIEM platforms
- Experience with AI / LLM technologies to help enrich and automate security operational processes.
- Computer forensics, including analysing Linux and MacOS systems.
- Working knowledge of a scripting language
- Exceptional analytical and investigative abilities
- Experience partnering with cross functional teams to support an investigation
- Excellent understanding of information security operations related frameworks and standards (e.g., MITRE Att&ck and NIST)
- Excellent verbal and written communication, presentation, and stakeholder management skills
Responsibilities
- Monitor, analyze, and correlate security alerts, logs, and events from various sources
- Lead investigation and containment of security incidents, as incident handler
- Prepare post-mortem reports and conduct lessons learned
- Develop and maintain incident response playbooks and processes
- Coordinate with cross-functional teams, internally and externally, on threats targeting DoorDash
- Lead or participate in security tool proof-of-concepts and documentation
- Identify opportunities for alert development based on threats to DoorDash
- Conduct threat hunting
- Lead training or other education and awareness opportunities for the enterprise as required
- Use monitoring and detection platforms to investigate anomalous activity for potential insider risk.
- Advise and assist in the onboarding and implementation of custom tooling designed to alert on anomalous behaviors.
- Create and maintain a use case library to inform detections, and develop corresponding playbooks and escalation procedures.
- Participate in and support on-call rotation
Benefits
- comprehensive benefits package
- 401(k) plan with employer matching
- 16 weeks of paid parental leave
- wellness benefits
- commuter benefits match
- paid time off
- paid sick leave in compliance with applicable laws (e.g. Colorado Healthy Families and Workplaces Act)
- medical benefits
- dental benefits
- vision benefits
- 11 paid holidays
- disability and basic life insurance
- family-forming assistance
- mental health program
- premium healthcare
- wellness expense reimbursement
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
Education Level
No Education Listed
