[Remote] Enterprise Security Engineer

Note: The job is a remote job and is open to candidates in USA. DoorDash is a technology and logistics company focused on empowering local economies. The Enterprise Security Engineer will implement and operate security controls to protect the workforce and corporate software environment across DoorDash, Wolt, and Deliveroo, while collaborating with various teams to enhance security practices.

Responsibilities

• Implement and tune core security controls that protect employees across three global brands such as phishing-resistant multi-factor authentication, conditional access, device trust, and software-as-a-service (SaaS) posture management
• Operate the day-to-day security stack, spanning endpoint detection and response (EDR), zero-trust network access, identity-aware proxies, browser security, and data loss prevention (DLP)
• Use AI-assisted coding tools to automate security workflows, incident response, and compliance evidence collection, verifying the output before it ships
• Address modern SaaS risk such as shadow IT, OAuth token sprawl, and high-risk application reviews, partnering with IT and third-party risk teams
• Help teams adopt secure-by-default baselines so that security supports their work rather than blocking it

Skills

• 5+ years of experience in security engineering, enterprise security, IT security, or a related field
• Hands-on experience administering identity providers (e.g., Okta) and Google Workspace, and working knowledge of modern authentication standards (SAML, OAuth 2.0, OpenID Connect, FIDO2/WebAuthn)
• Practical experience operating EDR/XDR platforms and securing macOS, Windows, and Linux endpoints through mobile device management (MDM)
• Hands-on experience with at least one major cloud platform (e.g., AWS, GCP)
• Ability to write production-quality automation scripts (e.g., Python, Go) and communicate clearly in writing
• Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or equivalent practical experience
• Hands-on experience with one or more of: Tailscale, Google IAP, GitHub enterprise controls, Palo Alto Cortex, Chrome Enterprise
• Experience with SaaS Security Posture Management (SSPM), CASB, or OAuth-scope governance
• Experience operating DLP controls, particularly native DLP capabilities in major SaaS platforms
• Experience with Infrastructure-as-code (e.g. Terraform) applied to security tooling
• Experience supporting ISO 27001 or SOC 2 audits
• Contributions to the security community (blog posts, conference talks, bug bounty, open source)
• Relevant certifications (e.g. CISSP Associate, GIAC)

Benefits

• Equity grants
• 401(k) plan with employer matching
• 16 weeks of paid parental leave
• Wellness benefits
• Commuter benefits match
• Paid time off and paid sick leave in compliance with applicable laws (e.g. Colorado Healthy Families and Workplaces Act)
• Medical, dental, and vision benefits
• 11 paid holidays
• Disability and basic life insurance
• Family-forming assistance
• Mental health program
• Flexible paid time off/vacation, plus 80 hours of paid sick time per year (For salaried roles)
• Vacation accrued at about 1 hour for every 25.97 hours worked (e.g. about 6.7 hours/month if working 40 hours/week; about 3.4 hours/month if working 20 hours/week) (For hourly roles)
• Paid sick time accrued at 1 hour for every 30 hours worked (e.g. about 5.8 hours/month if working 40 hours/week; about 2.9 hours/month if working 20 hours/week) (For hourly roles)

Company Overview

Company H1B Sponsorship