ForHire

PRINCIPAL ENGINEER, PRODUCT SECURITY

DoorDash
Full-time
Remote
$231,200 - $340,000
Posted on 5 months ago

Job Description

The Product Security team at DoorDash is seeking a Principal Engineer to lead product security initiatives, providing strategic direction and mentoring junior engineers. This role involves securing DoorDash's platform, advising on security strategies, performing code reviews, and managing vulnerabilities.

Responsibilities

  • Set and own strategic roadmaps for security partner pods
  • Prioritize customer experience and security design
  • Advise and mentor security engineers
  • Provide senior consultation and build solutions for complex security challenges
  • Perform manual and automated code reviews
  • Conduct regular application security assessments
  • Define, document, and implement security standards
  • Provide feedback in engineering design reviews
  • Manage application vulnerability lifecycle
  • Integrate and manage security tools into CI/CD process
  • Ensure applications honor security policies in the cloud
  • Develop and implement secure network controls for Kubernetes
  • Develop tools and automated tests for security efficiency

Requirements

  • 10+ years of security or product security engineering experience
  • Experience working with global teams
  • Experience partnering with engineering and product teams
  • Experience providing technical leadership
  • Excellent communication and stakeholder management skills
  • Expert understanding of authorization and authentication
  • Expert knowledge of building and deploying secure microservices
  • Experience identifying and remediating OWASP top 10 vulnerabilities
  • Interest in analyzing code and architecture from a security perspective
  • Well versed with scripting and programming languages
  • Experience building asset inventory for security observability
  • Experience with implementing and managing CI/CD pipeline security
  • Knowledge of supply chain security
  • Experience building security solutions for HIPAA and PCI products
  • Breadth of technical experience across application security areas
  • Experience solving complex, systemic issues
  • Demonstrated track record of driving strategic improvements
  • Excellent verbal and written communication skills
  • Industry certifications are a plus

Benefits

  • No benefits