• Perform expert-level secure code reviews with a focus on OWASP Top 10 and CWE vulnerability classes. • Identify, triage, and remediate application-layer vulnerabilities, including broken access control, IDOR, SQL injection, command injection, and deserialization flaws. • Develop and maintain security automation tools using Python, GoLang, or JavaScript/TypeScript to streamline vulnerability detection and remediation processes. • Conduct and document penetration tests, collaborating cross-functionally to drive remediation initiatives. • Advise development teams on secure coding practices, bringing a proactive security mindset into the software lifecycle. • Stay informed of emerging threats and incorporate best practices within the customer's environments. • Communicate effectively through detailed written reports and verbal briefings, ensuring security findings are clearly understood and actionable.

• Monitor, analyze, and correlate security alerts, logs, and events from various sources • Lead investigation and containment of security incidents, as incident handler • Prepare post-mortem reports and conduct lessons learned • Develop and maintain incident response playbooks and processes • Coordinate with cross-functional teams, internally and externally, on threats targeting DoorDash • Lead or participate in security tool proof-of-concepts and documentation • Identify opportunities for alert development based on threats to DoorDash • Conduct threat hunting • Lead training or other education and awareness opportunities for the enterprise as required • Use monitoring and detection platforms to investigate anomalous activity for potential insider risk • Advise and assist in the onboarding and implementation of custom tooling designed to alert on anomalous behaviors • Create and maintain a use case library to inform detections, and develop corresponding playbooks and escalation procedures • Participate in and support on-call rotation

• Lead and mentor a global team of threat engineers focused one or more of the following disciples; threat detection, threat emulation, threat intelligence, and incident response. • Supervise all aspects of the team including hiring, training, evaluating, and coaching. • Foster a culture of technical excellence, collaboration, and continuous improvement • Manage team training, development, and staffing to ensure readiness for current and emerging threats • Lead threat engineering efforts that develop, deploy, and operate tools and services that enable the teams ability to detect and respond to cybersecurity threats • Collaborate with other Threat Management teams to ensure alignment with strategic objectives and to drive operational effectiveness • Provide detailed technical insights and recommendations to security leadership. • Develop and report metrics for reporting at an organizational, company, and/or Executive level.

• Own the operational backbone of Detection & Response (D&R): intake, triage, investigation flow, reporting, and MDR oversight. • Redesign processes, write code to eliminate toil, and leverage AI to make the team faster. • Engage partners effectively, ensuring D&R delivers on its mission. • Ensures detections flow into operational processes, manages investigations and incidents.