[Remote] Senior Security Engineer, Red Team

Note: The job is a remote job and is open to candidates in USA. DoorDash is a technology and logistics company committed to building the most scalable and reliable delivery network. The Senior Security Engineer, Red Team will conduct threat intelligence-informed adversary emulations to identify security improvement opportunities and assess the security posture of critical assets and products.

Responsibilities

• Plan and execute realistic adversary simulations using curated threat intelligence to assess security opportunities, and detection and response capabilities
• Hunt for vulnerabilities across AI systems, payment infrastructure, autonomous delivery hardware, and emerging technologies before adversaries do
• Exercise range of expertise to include cyber, insider, and fraud Red Team testing scenarios
• Build custom tools, exploits, and payloads tailored to DoorDash's unique and evolving tech stack
• Partner with Blue Teams to escalate emerging threats and develop proactive detection or defensive strategies
• Advise leadership on emerging threats and shape the security strategy for one of the world's most complex logistics platforms

Skills

• 5+ years of experience in Red Teaming and Purple Teaming
• You are passionate about offensive security and care about improving your craft every day
• You think like an adversary. You have deep, experiential knowledge of APT and insider threat TTPs, not just theoretical familiarity
• Experience partnering with cross-functional teams to secure diverse environments, providing feedback loops that articulate business risks and generate actionable intelligence
• You've run full-scope operations across multi-platform and cloud environments, and you know how to build the malware and tooling to support them
• Strong knowledge of one of Python, Golang, Rust, Kotlin, Java, or Powershell
• Experience using and developing tooling, methodologies and scalable infrastructure to support red team engagements capabilities (e.g. command and control frameworks, phishing environment, exploits)
• Experience with Command and Control (C2) frameworks
• Experience with Defense Evasion to bypass security tooling (e.g. Endpoint Detection and Response)
• Excellent understanding of information security operations related frameworks and standards (e.g., MITRE Att&ck)
• Experience providing technical leadership and guidance, and thinking strategically and analytically to solve problems
• Excellent communication, presentation, and stakeholder management skills
• Engages with a people-first approach, is able to facilitate a conversation rather than dictate it, and is empathetic to divergent viewpoints

Benefits

• Opportunities for equity grants
• 401(k) plan with employer matching
• 16 weeks of paid parental leave
• Wellness benefits
• Commuter benefits match
• Paid time off and paid sick leave in compliance with applicable laws (e.g. Colorado Healthy Families and Workplaces Act)
• Medical, dental, and vision benefits
• 11 paid holidays
• Disability and basic life insurance
• Family-forming assistance
• Mental health program
• Flexible paid time off/vacation, plus 80 hours of paid sick time per year for salaried roles
• Vacation accrued at about 1 hour for every 25.97 hours worked (e.g. about 6.7 hours/month if working 40 hours/week; about 3.4 hours/month if working 20 hours/week) for hourly roles
• Paid sick time accrued at 1 hour for every 30 hours worked (e.g. about 5.8 hours/month if working 40 hours/week; about 2.9 hours/month if working 20 hours/week) for hourly roles
• Premium healthcare
• Wellness expense reimbursement
• Paid parental leave

Company Overview

Company H1B Sponsorship