Jobs · Information Technology

Senior Security Engineer, Red Team

DoorDash · United States · 1 wk ago
RemoteRemoteInformation Technology$160k–$235k/yrFull-time

About the Team

At DoorDash we’re building the industry’s most scalable and reliable delivery network to support our three-sided marketplace of consumers, merchants, and Dashers. Security is paramount to the success of our business, and DoorDash Security aspires to be the world’s best security team. We are committed to protecting our people, partners, customers, and technologies with robust safeguards and unwavering vigilance.

About the Role

The Senior Security Engineer, Red Team will be responsible for conducting threat intelligence-informed adversary emulations to simulate real-world cyber attacks and proactively identify security improvement opportunities in the DoorDash environment. This role will work closely with cross-functional teams across the company and assess the security posture of DoorDash’s critical assets and products.

This role operates with the necessary freedom and accountability to complete full-scope Red Team operations against any valuable objectives in the company, providing a crucial feedback loop for all efforts in upholding customer trust.

We’re Excited About You Because...

  • You are passionate about offensive security and care about improving your craft every day
  • You think like an adversary. You have deep, experiential knowledge of APT and insider threat TTPs, not just theoretical familiarity
  • You’ve run full-scope operations across multi-platform and cloud environments, and you know how to build the malware and tooling to support them
  • You have strong knowledge of one of Python, Golang, Rust, Kotlin, Java, or Powershell
  • You’ve experience using and developing tooling, methodologies and scalable infrastructure to support red team engagements capabilities (e.g. command and control frameworks, phishing environment, exploits)
  • You have experience with Command and Control (C2) frameworks
  • You have experience with Defense Evasion to bypass security tooling (e.g. Endpoint Detection and Response)
  • You have excellent understanding of information security operations related frameworks and standards (e.g., MITRE Att&ck)
  • You have experience providing technical leadership and guidance, and thinking strategically and analytically to solve problems
  • You have excellent communication, presentation, and stakeholder management skills
  • You engage with a people-first approach, are able to facilitate a conversation rather than dictate it, and are empathetic to divergent viewpoints

Similar jobs