• Threat model, design, harden, and operationalize Product and Cloud Security services and controls at DoorDash scale. • Define, document and implement security standards, guidelines and procedures to design and implement automated security controls and remediation tools with rigor and developer ergonomics. • Partner cross-functionally with Core Infrastructure, Product Engineering, Legal, Security teams and Vendor Partners to build “paved paths” that provide actionable feedback to embed secure design practices into the product and infrastructure development process. • Lead the technical direction and roadmap execution for your assigned area of ownership. • Build and maintain high Operational Excellence (OE) to ensure we operate services with excellence, rigor and durable standards to ensure minimal downtime. • Participate in on-call rotation and promptly respond to on-call events with urgency and rigor. • Manage the lifecycle of product and cloud security vulnerabilities, from identification, triage, and drive remediation, reporting and metrics. • Influence and enable the secure and responsible adoption of LLMs and AI tools. • Mentor and coach earlier career engineers, setting high standards for Operational Excellence and Security Engineering.

• Responsible for defining, maintaining, and governing an end-to-end security solution design that spans global processes, data, people, and technology. • Creating conceptual, logical, and implementation architecture views aligned with global business needs. • Providing expert recommendations on security best practices that are business enablers, balancing the risk tolerance of Colliers while ensuring systems are secure and private by design. • Leading the security architecture strategy for cloud migration and modernization initiatives, specifically within Google Cloud Platform (GCP) and Microsoft Azure environments. • Ensuring designs leverage cloud-native security controls (e.g., Google Cloud Armor, Azure Sentinel, VPC Service Controls) effectively. • Partnering with Engineering and DevOps teams to embed security into the CI/CD pipeline ('Shift Left'). • Architecting secure containerization strategies (Kubernetes/GKE/AKS) and API security frameworks. • Developing governance and security guardrails for the adoption of emerging technologies, including Generative AI and Large Language Models (LLMs), ensuring safe business enablement. • Developing, maintaining, and governing the global security architecture framework, translating it into robust security designs for all enterprise programs and projects to ensure a consistent and compliant posture. • Collaborating with Project Managers, Solution Designers, and technical teams to integrate security and privacy into solution designs. • Leading the implementation of new security tools and technologies, overseeing their integration into the existing global security architecture. • Creating and maintaining comprehensive security technical architecture design documents and diagrams. • Identifying security gaps in existing and proposed architectures and recommending changes or enhancements. • Conducting technical documentation reviews, ensuring security considerations are well-defined and implemented. • Supporting the development and enforcement of Data security/Application security policies, standards, and procedures. • Conducting security reviews and assurance activities to identify risks and validate security compliance across corporate systems. • Continuously monitoring the evolving security landscape and technological advancements to adapt and refine risk-based security strategies.

About the Team At DoorDash we’re building the industry’s most scalable and reliable delivery network to support our three-sided marketplace of consumers, merchants, and Dashers. Security is paramount to the success of our business, and DoorDash Security aspires to be the world’s most admired security team. We are committed to building the world's most trusted on-demand, logistics engine for delivery! We're expanding our team of great minds to help us secure and maintain a 24x7, no downtime, global infrastructure system that powers DoorDash’s multi-sided marketplace of consumers, merchants, and drivers. About the Role Our Security Engineering team is looking for a Staff Security Engineer to lead threat modeling, hardening and operation of security services within DoorDash’s Product and Cloud Security domains. You will be a part of our inclusive, collaborative global team responsible for building “paved paths” to ensure a safe, reliable and resilient delivery network. This is a US or Canada remote position reporting directly to the Manager of our Security Engineering team. You’re excited about this opportunity because you will… - Threat model, design, harden, and operationalize Product and Cloud Security services and controls at DoorDash scale. - Define, document and implement security standards, guidelines and procedures to design and implement automated security controls and remediation tools with rigor and developer ergonomics. - Partner cross-functionally with Core Infrastructure, Product Engineering, Legal, Security teams and Vendor Partners to build “paved paths” that provide actionable feedback to embed secure design practices into the product and infrastructure development process. - Lead the technical direction and roadmap execution for your assigned area of ownership. - Build and maintain high Operational Excellence (OE) to ensure we operate services with excellence, rigor and durable standards to ensure minimal downtime. - Participate in on-call rotation and promptly respond to on-call events with urgency and rigor. - Manage the lifecycle of product and cloud security vulnerabilities, from identification, triage, and drive remediation, reporting and metrics. - Influence and enable the secure and responsible adoption of LLMs and AI tools. - Mentor and coach earlier career engineers, setting high standards for Operational Excellence and Security Engineering. We’re excited about you because… - 8+ years of experience as a security engineer in a product security or infrastructure security discipline. - Able to demonstrate a track record of driving foundational improvements to a company’s infrastructure security posture. - Breadth of technical experience across various infrastructure and security areas running in large production environments. - Deep understanding of each OWASP top 10 vulnerability, distributed systems security and design. - Experience in CI/CD pipelines to automate security control enforcement and testing. - You proficient in analyzing code, architecture and designs from a security perspective - Well versed with scripting languages (e.g. Python) and other programming languages (e.g. Java). Golang experience is a plus. - Strong experience with infrastructure as a code tooling like Terraform. - Expertise with cloud infrastructure and management in GCP and AWS. - Experience solving complex, systemic issues that require creative thinking and solutions. - Exceptional analytical and investigative abilities with hands-on experience leading root cause analysis. - Excellent verbal and written communication skills - you can understand and review design documents with respect to cloud infrastructure with engineering personnel. We expect this position to be filled by 5/29/2026. Notice to Applicants for Jobs Located in NYC or Remote Jobs Associated With Office in NYC Only We use Covey as part of our hiring and/or promotional process for jobs in NYC and certain features may qualify it as an AEDT in NYC. As part of the hiring and/or promotion process, we provide Covey with job requirements and candidate submitted applications. We began using Covey Scout for Inbound from August 21, 2023, through December 21, 2023, and resumed using Covey Scout for Inbound again on June 29, 2024. The Covey tool has been reviewed by an independent auditor. Results of the audit may be viewed here: Covey Compensation The successful candidate’s starting pay will fall within the pay range listed below and is determined based on job-related factors including, but not limited to, skills, experience, qualifications, work location, and market conditions. Base salary is localized according to an employee’s work location. Ranges are market-dependent and may be modified in the future. In addition to base salary, the compensation for this role includes opportunities for equity grants. Talk to your recruiter for more information. DoorDash cares about you and your overall well-being. That’s why we offer a comprehensive benefits package to all regular employees, which includes a 401(k) plan with employer matching, 16 weeks of paid parental leave, wellness benefits, commuter benefits match, paid time off and paid sick leave in compliance with applicable laws (e.g. Colorado Healthy Families and Workplaces Act). DoorDash also offers medical, dental, and vision benefits, 11 paid holidays, disability and basic life insurance, family-forming assistance, and a mental health program, among others. To learn more about our benefits, visit our careers page here. See below for paid time off details: - For salaried roles: flexible paid time off/vacation, plus 80 hours of paid sick time per year. - For hourly roles: vacation accrued at about 1 hour for every 25.97 hours worked (e.g. about 6.7 hours/month if working 40 hours/week; about 3.4 hours/month if working 20 hours/week), and paid sick time accrued at 1 hour for every 30 hours worked (e.g. about 5.8 hours/month if working 40 hours/week; about 2.9 hours/month if working 20 hours/week). The national base pay range for this position within the United States, including Illinois and Colorado. $193,800—$285,000 USD About DoorDash At DoorDash, our mission to empower local economies shapes how our team members move quickly, learn, and reiterate in order to make impactful decisions that display empathy for our range of users—from Dashers to merchant partners to consumers. We are a technology and logistics company that started by enabling door-to-door delivery, and we are looking for team members who can help us go from a company that is known as the place you order food to a company that people turn to for any and all goods. DoorDash is growing rapidly and changing constantly, which gives our team members the opportunity to share their unique perspectives, solve new challenges, and own their careers. We're committed to supporting employees’ happiness, healthiness, and overall well-being by providing comprehensive benefits and perks including premium healthcare, wellness expense reimbursement, paid parental leave and more. Our Commitment to Diversity and Inclusion We’re committed to growing and empowering a more inclusive community within our company, industry, and cities. That’s why we hire and cultivate diverse teams of people from all backgrounds, experiences, and perspectives. We believe that true innovation happens when everyone has room at the table and the tools, resources, and opportunity to excel. Statement of Non-Discrimination: In keeping with our beliefs and goals, no employee or applicant will face discrimination or harassment based on: race, color, ancestry, national origin, religion, age, gender, marital/domestic partner status, sexual orientation, gender identity or expression, disability status, or veteran status. Above and beyond discrimination and harassment based on “protected categories,” we also strive to prevent other subtler forms of inappropriate behavior (i.e., stereotyping) from ever gaining a foothold in our office. Whether blatant or hidden, barriers to success have no place at DoorDash. We value a diverse workforce – people who identify as women, non-binary or gender non-conforming, LGBTQIA+, American Indian or Native Alaskan, Black or African American, Hispanic or Latinx, Native Hawaiian or Other Pacific Islander, differently-abled, caretakers and parents, and veterans are strongly encouraged to apply. Thank you to the Level Playing Field Institute for this statement of non-discrimination. Pursuant to the San Francisco Fair Chance Ordinance, Los Angeles Fair Chance Initiative for Hiring Ordinance, and any other state or local hiring regulations, we will consider for employment any qualified applicant, including those with arrest and conviction records, in a manner consistent with the applicable regulation. If you need any accommodations, please inform your recruiting contact upon initial connection.

• Audit the current WordPress registration and login flows, including all security plugins and custom code. • Identify how bots are circumventing existing protections (e.g., API abuse, headless browsers, plugin vulnerabilities). • Develop and implement advanced anti spam measures tailored to the site's architecture (e.g., custom challenges, behavior analysis, honeypots, rate limiting, or integration with third party services like Cloudflare Turnstile). • Ensure the solution is lightweight, user friendly for genuine customers, and maintainable. • Provide documentation and a brief hand off to the client.