Role overview

Staff Security Engineer, Proactive Security

Requirements and responsibilities

Readable role content extracted into sections for faster review.

You’re excited about this opportunity because you will…

  • Set and own strategic roadmaps for assigned security partner pod and work directly with product, engineering and security leaders to ship product security outcomes into DoorDash’s platform.
  • Prioritize customer experience, ergonomics and thoughtful security design to prevent an adverse impact to dashers from security flaws.
  • Go deep and become an expert in the Dasher Logistics engineering vertical, focusing on resolving classes of security vulnerabilities affecting the Dasher ecosystem.
  • Partner cross-functionally with Core Infrastructure, Product Engineering, Legal, and Security Platform teams to build "paved paths" that provide actionable feedback to embed secure design practices.
  • Advise and mentor other security engineers to build and deploy security measures and services to secure DoorDash platform and its applications for assigned verticals.
  • Build solutions to address complex security challenges impacting DoorDash products, performing hands-on manual and automated code reviews to identify vulnerabilities in APIs, microservices, and mobile apps.
  • Conduct regular application security assessments and manage the lifecycle of application vulnerabilities, from identification to remediation, reporting, and metrics.
  • Integrate and manage security tools into the CI/CD process and develop tools and automated agentic harnesses for improving our Security efficiency.

We’re excited about you because…

  • 10+ years of experience as a Software Engineering archetype Product Security Engineer.
  • Experience working with Global teams managing a diverse portfolio of products and partnering with engineering, product, fraud, and others to secure diverse environments.
  • Experience providing technical leadership and guidance, and thinking strategically and analytically to solve problems with excellent communication, presentation, and stakeholder management skills.
  • Lead with a people-first approach, able to facilitate a conversation rather than dictate it, and is empathetic to divergent viewpoints.
  • Expert understanding of authorization and authentication framework and technologies, with hands-on experience building and deploying secured microservices.
  • Hands-on experience understanding, identifying, and fixing OWASP top 10 and similar vulnerabilities, with a strong interest in analyzing code, architecture, and design from a security perspective.
  • Well-versed in at least one object-oriented programming language (e.g., Java, Golang).
  • Experience with mobile security app hardening, application shielding, and threat modeling mobile APIs is a strong plus.
  • Breadth of technical experience across various application and product security areas running in large cloud native production environments.

See below for paid time off details:

  • For salaried roles: flexible paid time off/vacation, plus 80 hours of paid sick time per year.
  • For hourly roles: vacation accrued at about 1 hour for every 25.97 hours worked (e.g. about 6.7 hours/month if working 40 hours/week; about 3.4 hours/month if working 20 hours/week), and paid sick time accrued at 1 hour for every 30 hours worked (e.g. about 5.8 hours/month if working 40 hours/week; about 2.9 hours/month if working 20 hours/week).
Similar roles

Keep a backup shortlist.

Browse stack
FocusSecurity EngineeringRole area
Seniority signalSeniorCandidate level
StackCI/CD, Golang, JavaPrimary skills
Location1 accepted countryEligibility

Stack

Use these tags to compare similar remote roles.

Location eligibility

Candidates should apply only when their profile country is listed here.

Your profileCountry not setSign in to check your country against this role.

Hiring flow

WithMira shows the role, then sends candidates to the company application.

1Check role fit, stack, and location eligibility in WithMira.
2Open the company application page from the tracked apply link.
3Save the role or subscribe for similar opportunities before leaving.
Apply on company siteCompany siteOpen link