Senior Threat Response Engineer, Security Operations

DoorDash is building a scalable and reliable delivery network, and security is integral to their success. The Senior Threat Response Engineer will conduct investigations and response operations to mitigate threats, working closely with cross-functional teams to enhance DoorDash's security posture.

Responsibilities:

• Monitor, analyze, and correlate security alerts, logs, and events from various sources
• Lead investigation and containment of security incidents, as incident handler
• Prepare post-mortem reports and conduct lessons learned
• Develop and maintain incident response playbooks and processes
• Coordinate with cross-functional teams, internally and externally, on threats targeting DoorDash
• Lead or participate in security tool proof-of-concepts and documentation
• Identify opportunities for alert development based on threats to DoorDash
• Conduct threat hunting
• Lead training or other education and awareness opportunities for the enterprise as required
• Use monitoring and detection platforms to investigate anomalous activity for potential insider risk
• Advise and assist in the onboarding and implementation of custom tooling designed to alert on anomalous behaviors
• Create and maintain a use case library to inform detections, and develop corresponding playbooks and escalation procedures
• Participate in and support on-call rotation

Requirements:

• 5+ years of experience in Incident Response, Threat Hunt, and/or Security Operations
• Experience working with Global partners in a follow-the-sun model
• Experience with a broad range of technologies including endpoint detection and network technologies, and SOAR/SIEM platforms
• Experience with AI / LLM technologies to help enrich and automate security operational processes
• Computer forensics, including analysing Linux and MacOS systems
• Working knowledge of a scripting language
• Exceptional analytical and investigative abilities
• Experience partnering with cross functional teams to support an investigation
• Excellent understanding of information security operations related frameworks and standards (e.g., MITRE Att&ck and NIST)
• Excellent verbal and written communication, presentation, and stakeholder management skills