Enterprise Security Engineer
DoorDash · USA
Job Description
Enterprise Security Engineer
Company: DoorDash Location: Remote (USA) Contract: Permanent Seniority: Senior
About the Team
The Enterprise Security team is the primary point of contact for employee-focused security across DoorDash, Wolt, and Deliveroo. We deliver secure-by-default systems, processes, and controls for everyone who works here, and we build the self-service tooling that makes the secure choice the easy one. We partner closely with IT, Legal, Privacy, and Engineering to protect our people, devices, and data without slowing them down.
About the Role
As an Enterprise Security Engineer, you will help implement and operate the security controls that protect our workforce, endpoints, and corporate software environment across DoorDash, Wolt, and Deliveroo. You will spend your time tuning the tools that keep employees secure, building automation that removes repetitive work, and partnering with teams across the company to make the secure path the easy one. This is an exciting opportunity to join as we mature security across three global brands and lean into AI-assisted ways of working. You will report into the US Enterprise Security Team Lead.
Key Responsibilities
- Implement and tune core security controls that protect employees across three global brands, such as phishing-resistant multi-factor authentication, conditional access, device trust, and software-as-a-service (SaaS) posture management.
- Operate the day-to-day security stack, spanning endpoint detection and response (EDR), zero-trust network access, identity-aware proxies, browser security, and data loss prevention (DLP).
- Utilize AI-assisted coding tools to automate security workflows, incident response, and compliance evidence collection, verifying the output before implementation.
- Address modern SaaS risks such as shadow IT, OAuth token sprawl, and high-risk application reviews, in partnership with IT and third-party risk teams.
- Help teams adopt secure-by-default baselines so that security supports their work rather than hindering it.
Requirements
- 5+ years of experience in security engineering, enterprise security, IT security, or a related field.
- Hands-on experience administering identity providers (e.g., Okta) and Google Workspace.
- Working knowledge of modern authentication standards including SAML, OAuth 2.0, OpenID Connect, and FIDO2/WebAuthn.
- Practical experience operating EDR/XDR platforms and securing macOS, Windows, and Linux endpoints through mobile device management (MDM).
- Hands-on experience with at least one major cloud platform (e.g., AWS, GCP).
- Ability to write production-quality automation scripts (e.g., Python, Go).
- Clear written communication skills.
Nice to Haves
- Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or equivalent practical experience.
- Hands-on experience with one or more of: Tailscale, Google IAP, GitHub enterprise controls, Palo Alto Cortex, Chrome Enterprise.
- Experience with SaaS Security Posture Management (SSPM), CASB, or OAuth-scope governance.
- Experience operating DLP controls, particularly native DLP capabilities in major SaaS platforms.
- Experience with Infrastructure-as-code (e.g., Terraform) applied to security tooling.
- Experience supporting ISO 27001 or SOC 2 audits.
- Contributions to the security community (blog posts, conference talks, bug bounty, open source).
- Relevant certifications (e.g., CISSP Associate, GIAC).
What success looks like in your first 6 months
- Ownership of the day-to-day operation of at least one Enterprise Security tool (e.g., Cortex policy tuning, Tailscale ACL maintenance, or GitHub user-centric controls).
- Shipped at least one AI-assisted automation that eliminates a recurring ticket category in the Jira support queue.
- Completed an exception-handling review of endpoint posture policies and surfaced any drift or gaps.
Compensation and Benefits
The successful candidate’s starting pay will fall within the pay range of $130,600—$192,000 USD, determined by job-related factors including skills, experience, qualifications, work location, and market conditions. Base salary is localized according to the employee’s work location.
In addition to base salary, this role includes opportunities for equity grants.
DoorDash offers a comprehensive benefits package to all regular employees, including:
- 401(k) plan with employer matching
- 16 weeks of paid parental leave
- Wellness benefits
- Commuter benefits match
- Flexible paid time off/vacation
- 80 hours of paid sick time per year
- Medical, dental, and vision benefits
✨ This description was enhanced by AI based on the original listing.