Senior Threat Response Engineer, Security Operations

The Threat Response Engineer, Security Operations will be responsible for conducting investigations and response operations across the incident response life-cycle to mitigate threats to DoorDash. This is a critical role that will work closely with cross functional partners to analyze threats, build and execute response playbooks, and strengthen the DoorDash security posture through proactive mitigating controls. The Threat Response Engineer will be part of a follow-the-sun 24x7 model and conduct handover to both US-based and International teams. Preference is for this position to be in the East Coast, US or Hawaii, US. On call and weekend availability will be required.

You will report into the Senior Manager, Cyber Defense in the Security Operations organization, under the Chief Information Security Officer., * Monitor, analyze, and correlate security alerts, logs, and events from various sources

• Lead investigation and containment of security incidents, as incident handler
• Prepare post-mortem reports and conduct lessons learned
• Develop and maintain incident response playbooks and processes
• Coordinate with cross-functional teams, internally and externally, on threats targeting DoorDash
• Lead or participate in security tool proof-of-concepts and documentation
• Identify opportunities for alert development based on threats to DoorDash
• Conduct threat hunting
• Lead training or other education and awareness opportunities for the enterprise as required
• Use monitoring and detection platforms to investigate anomalous activity for potential insider risk.
• Advise and assist in the onboarding and implementation of custom tooling designed to alert on anomalous behaviors.
• Create and maintain a use case library to inform detections, and develop corresponding playbooks and escalation procedures.
• Participate in and support on-call rotation

• 5+ years of experience in Incident Response, Threat Hunt, and/or Security Operations.
• Experience working with Global partners in a follow-the-sun model
• Experience with a broad range of technologies including endpoint detection and network technologies, and SOAR/SIEM platforms
• Experience with AI / LLM technologies to help enrich and automate security operational processes.
• Computer forensics, including analysing Linux and MacOS systems.
• Working knowledge of a scripting language
• Exceptional analytical and investigative abilities
• Experience partnering with cross functional teams to support an investigation
• Excellent understanding of information security operations related frameworks and standards (e.g., MITRE Att&ck and NIST)
• Excellent verbal and written communication, presentation, and stakeholder management skills

At DoorDash we're building the industry's most scalable and reliable delivery network to support our three-sided marketplace of consumers, merchants, and Dashers. Security is integral to the success of the business, as we secure the data and protect the privacy of our business and various stakeholders. The Security Operations team spans several capabilities, to include Threat Response, Detection Engineering, Corporate Security, and Security Platform Engineering. Our Mission is to create a secure DoorDash environment through proactive threat preparation and rapid response. We are committed to protecting our people, partners, customers, and technologies with robust safeguards and unwavering vigilance., At DoorDash, our mission to empower local economies shapes how our team members move quickly, learn, and reiterate in order to make impactful decisions that display empathy for our range of users-from Dashers to merchant partners to consumers. We are a technology and logistics company that started by enabling door-to-door delivery, and we are looking for team members who can help us go from a company that is known as the place you order food to a company that people turn to for any and all goods. DoorDash is growing rapidly and changing constantly, which gives our team members the opportunity to share their unique perspectives, solve new challenges, and own their careers. We're committed to supporting employees' happiness, healthiness, and overall well-being by providing comprehensive benefits and perks including premium healthcare, wellness expense reimbursement, paid parental leave and more. Our Commitment to Diversity and Inclusion We're committed to growing and empowering a more inclusive community within our company, industry, and cities. That's why we hire and cultivate diverse teams of people from all backgrounds, experiences, and perspectives. We believe that true innovation happens when everyone has room at the table and the tools, resources, and opportunity to excel. Statement of Non-Discrimination: In keeping with our beliefs and goals, no employee or applicant will face discrimination or harassment based on: race, color, ancestry, national origin, religion, age, gender, marital/domestic partner status, sexual orientation, gender identity or expression, disability status, or veteran status. Above and beyond discrimination and harassment based on "protected categories," we also strive to prevent other subtler forms of inappropriate behavior (i.e., stereotyping) from ever gaining a foothold in our office. Whether blatant or hidden, barriers to success have no place at DoorDash. We value a diverse workforce - people who identify as women, non-binary or gender non-conforming, LGBTQIA+, American Indian or Native Alaskan, Black or African American, Hispanic or Latinx, Native Hawaiian or Other Pacific Islander, differently-abled, caretakers and parents, and veterans are strongly encouraged to apply. Thank you to the Level Playing Field Institute for this statement of non-discrimination. Pursuant to the San Francisco Fair Chance Ordinance, Los Angeles Fair Chance Initiative for Hiring Ordinance, and any other state or local hiring regulations, we will consider for employment any qualified applicant, including those with arrest and conviction records, in a manner consistent with the applicable regulation.