- Job Type: Full-Time
- Function: IT
- Industry: Logistics
- Post Date: 06/23/2022
- Website: doordash.com
- Company Address: , San Francisco, CA
About DoorDashDoorDash is a technology company that connects customers with their favorite local and national businesses in over 4,000 cities and all 50 states across the United States and Canada. Founded in 2013, DoorDash empowers merchants to grow their businesses by offering on-demand delivery, data-driven insights, and better in-store efficiency, providing delightful experiences from door to door. By building the last-mile delivery infrastructure for local cities, DoorDash is bringing communities closer, one doorstep at a time.
About the Team
Come help us build the world's most trusted on-demand, logistics engine for delivery! We're building a team of great minds to help us secure and maintain a 24x7, no downtime, global infrastructure system that powers DoorDash’s multi-sided marketplace of consumers, merchants, and drivers.
About the Role
The Information Security team is looking for an Application Security Engineer to work on securing DoorDash’s products running within its cloud computing environment. You will be a part of our inclusive, collaborative team responsible for building a safe and reliable delivery network. On the Security team we need to protect all of our customers, as well as the logistics engine itself. It’s no simple task, but it wouldn’t be interesting if it was!
You’re excited about this opportunity because you will…
- Work directly with engineering and security leaders to enact security strategies for DoorDash’s applications.
- Ensure applications running within the cloud environment honor the requirements of information security policy and standards for segmentation and configuration.
- Develop and implement secure network and process controls for Kubernetes environments.
- Define, document and implement security standards, guidelines and procedures for secure operations.
- Integrate and manage security tools into the CI/CD process.
- Perform manual and automated code reviews to identify vulnerabilities in APIs, microservices and mobile apps (Android and iOS).
- As part of architectural and design review committees, provide actionable feedback in engineering design reviews.
- Manage the lifecycle of application vulnerabilities, from identification to remediation and reporting and metrics.
- Conduct regular application security assessments.
- Develop tools and automated tests for improving our Security efficiency.
We’re excited about you because…
- 5+ years of experience as an application engineer or an information security discipline.
- Deep understanding of each OWASP top 10 vulnerability, microservices security and design.
- Experience with implementing and managing CI/CD pipeline security
- Familiarity with scripting languages (e.g., python) and other programming languages (e.g., java). Kotlin experience is a plus.
- Breadth of technical experience across various application security areas running in large production environments.
- Exceptional analytical and investigative abilities with hands-on experience leading root cause analysis.
- Experience solving complex, systemic issues that require creative thinking and solutions.
- Demonstrated track record of driving improvements to a company’s security posture.
- Excellent verbal and written communication skills - you can explain security design with respect to cloud infrastructure to security and engineering personnel.
- Internal Bug Bounty program management experience is a plus.
- GWEB, GSSP, SSP or other industry certifications are a plus.
At DoorDash, our mission to empower local economies shapes how our team members move quickly, learn, and reiterate in order to make impactful decisions that display empathy for our range of users—from Dashers to merchant partners to consumers. We are a technology and logistics company that started with door-to-door delivery, and we are looking for team members who can help us go from a company that is known for delivering food to a company that people turn to for any and all goods.
DoorDash is growing rapidly and changing constantly, which gives our team members the opportunity to share their unique perspectives, solve new challenges, and own their careers. We're committed to supporting employees’ happiness, healthiness, and overall well-being by providing comprehensive benefits and perks including premium healthcare, wellness expense reimbursement, paid parental leave and more.
Our Commitment to Diversity and Inclusion
We’re committed to growing and empowering a more inclusive community within our company, industry, and cities. That’s why we hire and cultivate diverse teams of people from all backgrounds, experiences, and perspectives. We believe that true innovation happens when everyone has room at the table and the tools, resources, and opportunity to excel.
Statement of Non-Discrimination: In keeping with our beliefs and goals, no employee or applicant will face discrimination or harassment based on: race, color, ancestry, national origin, religion, age, gender, marital/domestic partner status, sexual orientation, gender identity or expression, disability status, or veteran status. Above and beyond discrimination and harassment based on “protected categories,” we also strive to prevent other subtler forms of inappropriate behavior (i.e., stereotyping) from ever gaining a foothold in our office. Whether blatant or hidden, barriers to success have no place at DoorDash. We value a diverse workforce – people who identify as women, non-binary or gender non-conforming, LGBTQIA+, American Indian or Native Alaskan, Black or African American, Hispanic or Latinx, Native Hawaiian or Other Pacific Islander, differently-abled, caretakers and parents, and veterans are strongly encouraged to apply. Thank you to the Level Playing Field Institute for this statement of non-discrimination.
Pursuant to the San Francisco Fair Chance Ordinance, Los Angeles Fair Chance Initiative for Hiring Ordinance, and any other state or local hiring regulations, we will consider for employment any qualified applicant, including those with arrest and conviction records, in a manner consistent with the applicable regulation.
If you need any accommodations, please inform your recruiting contact upon initial connection.