Monitor, analyze, and correlate security alerts, logs, and events from various sources
Lead investigation and containment of security incidents, as incident handler
Prepare post-mortem reports and conduct lessons learned
Develop and maintain incident response playbooks and processes
Coordinate with cross-functional teams, internally and externally, on threats targeting DoorDash
Lead or participate in security tool proof-of-concepts and documentation
Identify opportunities for alert development based on threats to DoorDash
Conduct threat hunting
Lead training or other education and awareness opportunities for the enterprise as required
Use monitoring and detection platforms to investigate anomalous activity for potential insider risk
Advise and assist in the onboarding and implementation of custom tooling designed to alert on anomalous behaviors
Create and maintain a use case library to inform detections, and develop corresponding playbooks and escalation procedures
Participate in and support on-call rotation

5+ years of experience in Incident Response, Threat Hunt, and/or Security Operations
Experience working with Global partners in a follow-the-sun model
Experience with a broad range of technologies including endpoint detection and network technologies, and SOAR/SIEM platforms
Experience with AI / LLM technologies to help enrich and automate security operational processes
Computer forensics, including analysing Linux and MacOS systems
Working knowledge of a scripting language
Exceptional analytical and investigative abilities
Experience partnering with cross functional teams to support an investigation
Excellent understanding of information security operations related frameworks and standards (e.g., MITRE Att&ck and NIST)
Excellent verbal and written communication, presentation, and stakeholder management skills

Senior Threat Response Engineer, Security Operations

Key skills