Senior Security Engineer, Red Team

About The Position

Requirements

• 5+ years of experience in Red Teaming and Purple Teaming
• You are passionate about offensive security and care about improving your craft every day
• You think like an adversary. You have deep, experiential knowledge of APT and insider threat TTPs, not just theoretical familiarity
• Experience partnering with cross-functional teams to secure diverse environments, providing feedback loops that articulate business risks and generate actionable intelligence
• You've run full-scope operations across multi-platform and cloud environments, and you know how to build the malware and tooling to support them
• Strong knowledge of one of Python, Golang, Rust, Kotlin, Java, or Powershell
• Experience using and developing tooling, methodologies and scalable infrastructure to support red team engagements capabilities (e.g. command and control frameworks, phishing environment, exploits)
• Experience with Command and Control (C2) frameworks
• Experience with Defense Evasion to bypass security tooling (e.g. Endpoint Detection and Response)
• Excellent understanding of information security operations related frameworks and standards (e.g., MITRE Att&ck)
• Experience providing technical leadership and guidance, and thinking strategically and analytically to solve problems
• Excellent communication, presentation, and stakeholder management skills
• Engages with a people-first approach, is able to facilitate a conversation rather than dictate it, and is empathetic to divergent viewpoints

Responsibilities

• Plan and execute realistic adversary simulations using curated threat intelligence to assess security opportunities, and detection and response capabilities
• Hunt for vulnerabilities across AI systems, payment infrastructure, autonomous delivery hardware, and emerging technologies before adversaries do
• Exercise range of expertise to include cyber, insider, and fraud Red Team testing scenarios.
• Build custom tools, exploits, and payloads tailored to DoorDash's unique and evolving tech stack
• Partner with Blue Teams to escalate emerging threats and develop proactive detection or defensive strategies
• Advise leadership on emerging threats and shape the security strategy for one of the world's most complex logistics platforms

Benefits

• comprehensive benefits package to all regular employees, which includes a 401(k) plan with employer matching, 16 weeks of paid parental leave, wellness benefits, commuter benefits match, paid time off and paid sick leave in compliance with applicable laws (e.g. Colorado Healthy Families and Workplaces Act).
• DoorDash also offers medical, dental, and vision benefits, 11 paid holidays, disability and basic life insurance, family-forming assistance, and a mental health program, among others.
• For salaried roles: flexible paid time off/vacation, plus 80 hours of paid sick time per year.
• For hourly roles: vacation accrued at about 1 hour for every 25.97 hours worked (e.g. about 6.7 hours/month if working 40 hours/week; about 3.4 hours/month if working 20 hours/week), and paid sick time accrued at 1 hour for every 30 hours worked (e.g. about 5.8 hours/month if working 40 hours/week; about 2.9 hours/month if working 20 hours/week).