Security Engineer, Detection and Response

United States - Remote

Full Time Senior-level / Expert USD 153K - 182K
DoorDash logo


When you join our team, you join our dream: to grow and empower local economies. We’re focused on improvement—from moving faster to leveling up the quality of our product—and our work is never complete. If you’re looking to define your career...

View all employer listings

Apply now Apply later

About the Team

Come help us build the world's most trusted on-demand, logistics engine for delivery! We're building a team of great minds to help us secure and maintain a 24x7, no downtime, global infrastructure system that powers DoorDash’s multi-sided marketplace of consumers, merchants, and drivers.

About the Role

The Information Security team is looking for a Security Engineer to enhance SOC/SIEM technologies to provide advanced monitoring and anomalous detection capabilities for DoorDash systems. You will be a part of our inclusive, collaborative team responsible for building a safe and reliable delivery network. On the Security team we need to protect all of our customers, as well as the logistics engine itself. It’s no simple task, but it wouldn’t be interesting if it was!

You're excited about this opportunity because you will…
  • Work directly with engineering and security leaders to build and operate infrastructure and automation to detect and respond to intrusions and security threats.
  • Develop detection strategies to identify anomalous behaviors and attacks to ensure safety within our enterprise network, corporate services, and platform applications running within a cloud environment
  • Build automation workflows for alerts and define response scenarios for event follow-up and escalation.
  • Research and analyze patterns in security events across DoorDash’s global infrastructure.
  • Define rules within the SOC to help trigger meaningful security alerts and work to remove non-significant alerts and false-positives
  • Assist with incident response as events are escalated, including triage, remediation and documentation
  • Work with the existing SIEM to analyze data to help prioritize security events.
  • Maintain strong knowledge of current threat intelligence, threat mitigations and security operational best practices
  • Stay current with and remain knowledgeable about new threats. Analyze attacker tactics, techniques and procedures (TTPs) from security events across a large heterogeneous network of security devices and end-user systems
  • Participate in and support the on-call rotation for Security Operations
We're excited about you because you have…
  • 5+ years of combined experience within detection and response, infrastructure engineering, or system administration in an information security discipline.
  • Background in threat hunting, forensics, or threat intelligence.
  • Proficient in monitoring devices such as network and host-based intrusion detection systems, web application firewalls, database security monitoring systems, endpoint security solutions, file integrity monitoring tools, application and operating system logs
  • Experience with a broad range of technologies including endpoint detection, network technologies, and SIEM.
  • Proficient in one or more SIEM (e.g., QRadar, Splunk, LogRhythm, ArcSight, Securonix, Sumo Logic, Exabeam)
  • Breadth of technical experience across various infrastructure and security areas running in large production environments.
  • Working knowledge of scripting languages (e.g., Python, Java, shell scripting)
  • Exceptional analytical and investigative abilities with hands-on experience leading root cause analysis.
  • Experience solving complex, systemic issues that require creative thinking and solutions.
  • Demonstrated track record of driving improvements to a company’s security posture.
  • Expertise with cloud infrastructure and management in AWS, GCP, or Azure.
  • Basic knowledge of adversary tactics, techniques and procedures (TTPs) and MITRE ATT&ACK principles.
  • Excellent verbal and written communication skills - you can explain security design with respect to cloud infrastructure to security and engineering personnel. 
About DoorDash

At DoorDash, our mission to empower local economies shapes how our team members move quickly, learn, and reiterate in order to make impactful decisions that display empathy for our range of users—from Dashers to merchant partners to consumers. We are a technology and logistics company that started with door-to-door delivery, and we are looking for team members who can help us go from a company that is known for delivering food to a company that people turn to for any and all goods. 

DoorDash is growing rapidly and changing constantly, which gives our team members the opportunity to share their unique perspectives, solve new challenges, and own their careers. We're committed to supporting employees’ happiness, healthiness, and overall well-being by providing comprehensive benefits and perks including premium healthcare, wellness expense reimbursement, paid parental leave and more.

Our Commitment to Diversity and Inclusion

We’re committed to growing and empowering a more inclusive community within our company, industry, and cities. That’s why we hire and cultivate diverse teams of people from all backgrounds, experiences, and perspectives. We believe that true innovation happens when everyone has room at the table and the tools, resources, and opportunity to excel. 

Statement of Non-Discrimination: In keeping with our beliefs and goals, no employee or applicant will face discrimination or harassment based on: race, color, ancestry, national origin, religion, age, gender, marital/domestic partner status, sexual orientation, gender identity or expression, disability status, or veteran status. Above and beyond discrimination and harassment based on “protected categories,” we also strive to prevent other subtler forms of inappropriate behavior (i.e., stereotyping) from ever gaining a foothold in our office. Whether blatant or hidden, barriers to success have no place at DoorDash. We value a diverse workforce – people who identify as women, non-binary or gender non-conforming, LGBTQIA+, American Indian or Native Alaskan, Black or African American, Hispanic or Latinx, Native Hawaiian or Other Pacific Islander, differently-abled, caretakers and parents, and veterans are strongly encouraged to apply. Thank you to the Level Playing Field Institute for this statement of non-discrimination.

Pursuant to the San Francisco Fair Chance Ordinance, Los Angeles Fair Chance Initiative for Hiring Ordinance, and any other state or local hiring regulations, we will consider for employment any qualified applicant, including those with arrest and conviction records, in a manner consistent with the applicable regulation.

Pursuant to the Colorado Fair Pay Act, the base salary range in Colorado for this position is $153,000 - $182,750, plus opportunities for equity and commission. Compensation in other geographies may vary.

If you need any accommodations, please inform your recruiting contact upon initial connection.

Job regions: Remote/Anywhere North America
Job country: United States
Job stats:  9  0  0
  • Share this job via
  • or

Other jobs like this

Explore more Cyber Security career opportunities

Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cybersecurity in general, filtered by job title or popular skill, toolset and products used.