New York, NY
57 days ago
Detection Engineer, Security Operations
About the Team

At DoorDash we’re building the industry’s most scalable and reliable delivery network to support our three-sided marketplace of consumers, merchants, and Dashers. Security is integral to the success of the business, as we secure the data and protect the privacy of our business and various stakeholders. The Security Operations team spans several capabilities, including Threat Response, Threat Hunt, Threat Intelligence, Detection Engineering, Corporate Security, and Security Platform Engineering. Our mission is to create a secure DoorDash environment through proactive threat preparation and rapid response. We are committed to protecting our people, partners, customers, and technologies with robust safeguards and unwavering vigilance.

About the Role

The Detection Engineer will be embedded with Security Operations investigations and response teams and be responsible for designing, building, and tuning high-fidelity detections for the DoorDash environment. This is a critical role that will work closely with multiple cross-functional partners to analyze threat intelligence and develop use cases, build and validate custom content, and create automations to strengthen the DoorDash security posture through proactive detection controls and effective monitoring. On-call and weekend availability will be required.

You will report into the Senior Manager, Threat Defense in the Security Operations organization, under the Chief Information Security Officer.

You’re excited about this opportunity because you will…

- Conduct hands-on detection engineering for custom alerting, including implementing risk-based analytics to reduce alert volumes and promote high-fidelity alert content
- Use threat intelligence and deep understanding of adversary tactics to build custom detections tailored to multiple environments and use cases
- Build automation workflows for alerts and define response scenarios for event follow-up and escalation
- Leverage security tooling, logs, and custom telemetry to build detections at scale
- Work with structured and unstructured logs to create meaningful content
- Maintain detection repositories, use case libraries, and conduct routine content updates
- Coordinate with cross-functional teams, internally and externally, on threats targeting DoorDash
- Lead or participate in security tool proof-of-concepts and documentation
- Lead training or other education and awareness opportunities for the enterprise as required
- Participate in and support on-call rotation

We’re excited about you because…

- 7+ years of experience in secure coding, alert development, and detection engineering
- Experience with a broad range of technologies including endpoint detection and network technologies, and SOAR/SIEM platforms
- Deep knowledge of querying and scripting languages
- Deep knowledge of cloud and distributed IT environments
- Deep understanding of log sources, forwarders, parsing, and data pipelines
- Experience working with global and cross-functional partners
- Experience partnering with cross-functional teams to support an investigation
- Excellent understanding of information security operations related frameworks and standards (e.g., MITRE ATT&CK and NIST)
- Excellent verbal and written communication, presentation, and stakeholder management skills


Applications for this position are accepted on an ongoing basis


Notice to Applicants for Jobs Located in NYC or Remote Jobs Associated With Office in NYC Only

We use Covey as part of our hiring and/or promotional process for jobs in NYC and certain features may qualify it as an AEDT in NYC. As part of the hiring and/or promotion process, we provide Covey with job requirements and candidate submitted applications. We began using Covey Scout for Inbound from August 21, 2023, through December 21, 2023, and resumed using Covey Scout for Inbound again on June 29, 2024.

The Covey tool has been reviewed by an independent auditor. Results of the audit may be viewed here: Covey
