Senior Threat Response Engineer, Security Operations

About the Team At DoorDash we’re building the industry’s most scalable and reliable delivery network to support our three-sided marketplace of consumers, merchants, and Dashers. Security is integral to the success of the business, as we secure the data and protect the privacy of our business and various stakeholders. The Security Operations team spans several capabilities, to include Threat Response, Detection Engineering, Corporate Security, and Security Platform Engineering. Our Mission is to create a secure DoorDash environment through proactive threat preparation and rapid response. We are committed to protecting our people, partners, customers, and technologies with robust safeguards and unwavering vigilance. About the Role The Threat Response Engineer, Security Operations will be responsible for conducting investigations and response operations across the incident response life-cycle to mitigate threats to DoorDash. This is a critical role that will work closely with cross functional partners to analyze threats, build and execute response playbooks, and strengthen the DoorDash security posture through proactive mitigating controls. The Threat Response Engineer will be part of a follow-the-sun 24x7 model and conduct handover to both US-based and International teams. Preference is for this position to be in the East Coast, US or Hawaii, US. On call and weekend availability will be required. You will report into the Senior Manager, Cyber Defense in the Security Operations organization, under the Chief Information Security Officer. You’re excited about this opportunity because you will… Monitor, analyze, and correlate security alerts, logs, and events from various sources Lead investigation and containment of security incidents, as incident handler Prepare post-mortem reports and conduct lessons learned Develop and maintain incident response playbooks and processes Coordinate with cross-functional teams, internally and externally, on threats targeting DoorDash Lead or participate in security tool proof-of-concepts and documentation Identify opportunities for alert development based on threats to DoorDash Conduct threat hunting Lead training or other education and awareness opportunities for the enterprise as required Use monitoring and detection platforms to investigate anomalous activity for potential insider risk. Advise and assist in the onboarding and implementation of custom tooling designed to alert on anomalous behaviors. Create and maintain a use case library to inform detections, and develop corresponding playbooks and escalation procedures. Participate in and support on-call rotation We’re excited about you because… 5+ years of experience in Incident Response, Threat Hunt, and/or Security Operations. Experience working with Global partners in a follow-the-sun model Experience with a broad range of technologies including endpoint detection and network technologies, and SOAR/SIEM platforms Experience with AI / LLM technologies to help enrich and automate security operational processes. Computer forensics, including analysing Linux and MacOS systems. Working knowledge of a scripting language Exceptional analytical and investigative abilities Experience partnering with cross functional teams to support an investigation Excellent understanding of information security operations related frameworks and standards (e.g., MITRE Attck and NIST) Excellent verbal and written communication, presentation, and stakeholder management skills We expect this position to be filled by 6/22/26. Compensation Actual compensation within the pay range listed below will be decided based on factors including, but not limited to, skills, prior relevant experience, and specific work location. Base salary is localized according to employee work location. DoorDash cares about you and your overall well-being. That’s why we offer a comprehensive benefits package to all regular employees, which includes a 401(k) plan ... (truncated, view full listing at source)