Staff Security Program Manager

About The Position

Requirements

• You demonstrate technical security depth within multiple domains. You will develop a full understanding of our technical stack and interdependencies, allowing you to meaningfully contribute to security design decisions and review of RFCs.
• You can deeply and confidently speak to security engineering, system architecture, scalability and reliability decisions, and design trade offs.
• You have proven experience independently managing complex security programs and projects, identifying and driving technical solutions, leveraging technical judgement and leadership skills to determine the appropriate course of action based on priority and impact.
• You have a deep understanding of at least two security engineering domains like Identity and Access Management, Security Operations, Detection, Response, Threat Intelligence, Offensive Security, Sec DevOps, Security Risk Management, Security Architecture and Engineering, Network Security, etc
• You’re a strong leader with the ability to collaborate and build relationships across organizations, bridge gaps between teams, and successfully influence without authority.
• You have strong ownership, urgency, autonomy and drive. You are willing to roll up your sleeves and dive into the details to understand and drive your programs.
• You have excellent written & verbal communication skills with the ability to communicate security priorities with confidence, clarity, and focus. You can convey concepts and considerations to non-experts and experts alike.
• You have experience driving adoption of security platforms and technologies in large-scale environments
• You are pragmatic and detailed in your approach and focus on progress, not perfection.
• 8+ years of experience in the field of security program management or a related security role.
• Bachelor of Science in Computer Science, Security Engineering, Information Systems, or equivalent years of experience in a related technical field
• Expertise with cloud-based services and infrastructure (AWS, Google Workspace, Google Cloud, etc.)
• Proficiency in SQL data analysis, Python coding, and other automation tooling.
• Project planning and execution skills that include JIRA experience, reviewing technical design documents, security controls, estimating, and scheduling.

Responsibilities

• Design, lead, and execute strategic security programs to mitigate security risks and achieve key security objectives
• Establish the vision, strategy, technical direction and success metrics for our security teams
• Convert insights from DoorDash’s security programs (Threat Defense, Offensive Security, Security Engineering, GRC, Enterprise Security, etc.) and assessments into actionable security programs and large scale initiatives
• Collaborate and lead security engineers across various disciplines to integrate and operationalize security controls, promoting widespread adoption of secure solutions and best practices across the organization
• Establish clear, measurable metrics to demonstrate and track the performance and impact of our security programs and initiatives
• Manage all stakeholder expectations from leadership to individual teams, possess strong problem solving and negotiation skills, and earn the trust of partners and teams.
• Lead full life cycle security tool proof-of-concepts
• Identify and deliver solutions to optimize or automate manual and inefficient processes
• Coordinate with cross-functional teams, internally and externally, on driving forward security objectives.

Benefits

• a 401(k) plan with employer matching
• 16 weeks of paid parental leave
• wellness benefits
• commuter benefits match
• paid time off and paid sick leave in compliance with applicable laws (e.g. Colorado Healthy Families and Workplaces Act)
• medical, dental, and vision benefits
• 11 paid holidays
• disability and basic life insurance
• family-forming assistance
• a mental health program