About the Team

At DoorDash we’re building the industry’s most scalable and reliable delivery network to support our three-sided marketplace of consumers, merchants, and Dashers. Security is integral to the success of the business, as we secure the data and protect the privacy of our business and various stakeholders. The Security Operations team spans several capabilities, to include Threat Response, Detection Engineering, Corporate Security, and Security Platform Engineering. Our Mission is to create a secure DoorDash environment through proactive threat preparation and rapid response. We are committed to protecting our people, partners, customers, and technologies with robust safeguards and unwavering vigilance. 

About the Role

The Threat Response Engineer, Security Operations will be responsible for conducting investigations and response operations across the incident response life-cycle to mitigate fraud, cyber, and insider threats to DoorDash. This is a critical role that will work closely with cross functional partners to analyze threats, build and execute response playbooks, and strengthen the DoorDash security posture through proactive mitigating controls. The Threat Response Engineer will be part of a follow-the-sun 24x7 model and conduct handover to both US-based and International teams. Preference is for this position to be in East Coast, US (UTC-5) or Western Australia (UTC+8) for 9am-5pm shift coverage in those timezones; however, additional locations that can accommodate the shift coverage with an alternate schedule will be considered. On call and weekend availability will be required.  You will report into the Senior Manager, Threat Defense in the Security Operations organization, under the Chief Information Security Officer.

You’re excited about this opportunity because you will…

• Monitor, analyze, and correlate security alerts, logs, and events from various sources
• Lead investigation and containment of security incidents, as incident handler
• Prepare post-mortem reports and conduct lessons learned 
• Develop and maintain incident response playbooks and processes
• Coordinate with cross-functional teams, internally and externally, on threats targeting DoorDash
• Lead or participate in security tool proof-of-concepts and documentation
• Identify opportunities for alert development based on threats to DoorDash
• Conduct threat hunting 
• Lead training or other education and awareness opportunities for the enterprise as required 
• Participate in and support on-call rotation

We’re excited about you because…

• 5+ years of experience in Incident Response, Threat Hunt, and/or Security Operations.
• Experience working with Global partners in a follow-the-sun model
• Experience with a broad range of technologies including endpoint detection and network technologies, and SOAR/SIEM platforms
• Working knowledge of a scripting language
• Exceptional analytical and investigative abilities 
• Experience partnering with cross functional teams to support an investigation
• Excellent understanding of information security operations related frameworks and standards (e.g., MITRE Att&ck and NIST)
• Excellent verbal and written communication, presentation, and stakeholder management skills