Job Highlights
AI-extracted key information
The Director of Enterprise Security Engineering at DoorDash is responsible for leading and scaling the global Enterprise Security Engineering function, which is crucial for the company's security and technology foundation. This role involves defining the strategic vision, operational framework, and ensuring the implementation of security guardrails across the enterprise to protect systems and data.
Experience Level: Expert Level
Director, Enterprise Security Engineering
Posted 4 days ago
Employment Type: Full-Time
Work Location: Remote
About This Role
About The Team
At DoorDash we’re building the industry’s most scalable and reliable delivery network to support our three-sided marketplace of consumers, merchants, and Dashers. Security is paramount to the success of our business, and DoorDash Security aspires to be the world’s most admired security team. We are committed to building the world's most trusted on-demand logistics engine for delivery! We're expanding our team of great minds to help us secure and maintain a 24x7, no-downtime, global infrastructure system that powers DoorDash’s multi-sided marketplace of consumers, merchants, and drivers.
About The Role
We are hiring a Director to lead and scale our global Enterprise Security Engineering function, a critical part of the company’s security and technology foundation. This team builds the security guardrails—baselines, controls, and automated assurance platforms—that make our enterprise secure by design. You will set and own the strategic vision, roadmap, and operational framework for enterprise security engineering; build and develop leaders and teams, ensuring measurable control health and business enablement across global environments. The work blends strategic leadership and operational excellence. You will define the playbook, allocate resources, mentor managers and senior engineers, and make final calls on priorities and direction. Success in this role stems from a deep technical understanding, strong business alignment, and the ability to influence across the entire enterprise. You will partner closely with IT and business leaders to embed guardrails into enterprise platforms and services, ensuring that controls scale globally with reliability, automation, and speed. We prioritize crown-jewel systems and data through explicit risk tiering, driving engineering investments where they have the highest enterprise impact. This role requires executive presence, operational discipline, and a track record of building scalable, secure-by-default programs that enable innovation while reducing risk.
You are excited about this opportunity because you will…
Define and deliver enterprise guardrails.
Own the strategy and drive execution of hardened enterprise baselines across identity, endpoints, SaaS, networks, and data. Ensure durable adoption and measurable control health through automated attestation, SLAs/SLOs, and continuous improvement. Drive adoption across partner functions, ensuring these guardrails become an integrated part of standard enterprise operations.
Advance Zero Trust.
Establish enterprise-wide Zero Trust standards and roadmap—enforcing identity-aware access with continuous attestation of device and user signals. Direct the evolution toward a VPN-free environment by scaling identity- and machine-bound authentication and institutionalizing secure-by-default access patterns.
Protect data in motion and at rest.
Set the company-wide data protection strategy, scaling classification, DLP, and least-privilege enforcement. Drive adoption of managed browsers, data egress controls, and safe-by-default collaboration paths for AI and SaaS tools.
Lead SaaS hardening, discovery, and control with IT.
Define an enterprise security SaaS governance model and ensure compliance with hardening baselines for sanctioned applications. Oversee detection and response to shadow SaaS, and implement data egress enforcement at scale using automation and policy-as-code.
Scale architecture reviews.
Institutionalize secure architecture review practices—embedding threat modeling, trust boundaries, and abuse-case reviews as part of enterprise service delivery. Ensure secure-by-default patterns are enforced through code, automation, and policy frameworks.
Engineer assurance-as-code.
Sponsor and guide development of enterprise policy engines, control plane change gates, and compliance enforcement frameworks for identity, device, SaaS, and network systems. Drive automation and continuous validation as organizational standards across thousands of systems and users.
Oversee secrets hygiene.
Establish accountability for secret management, rotation, and attestation by detecting plaintext secrets in SaaS and on endpoints, blocking egress with managed browsers, routing to approved vaulting, and verifying KMS rotation and attestation signals.
Review third-party and AI integrations.
Define and set pre-production minimums and clearly define exceptions that protect access boundaries and crown-jewel data.
Strengthen the human edge.
Champion user-centric controls and scalable behavior-change programs—such as phishing resilience, managed browsers, and frictionless adoption of secure workflows—to reduce human-risk exposure while preserving productivity.
Harden control gaps.
In partnership with Detection and Response, the Red Team, and Leadership, establish systematic programs to eliminate control gaps, ensure corrective measures are codified, and prevent recurrence through enforced automation.
Deliver measurable impact.
Own and publish enterprise control health metrics, report progress to executive leadership, and ensure meaningful reductions in risk exposure and control debt across the company.
We are excited about you because you bring…
Leadership experience.
12+ years of progressive experience in security or infrastructure, including 7+ years leading managers and multi-tiered teams with global scope and cross-functional impact. A strategic operator and people leader who builds high-performing organizations, sets direction, and develops future leaders while maintaining hands-on technical credibility.
Technical depth.
Deep understanding of enterprise security architecture, Zero Trust, segmentation, device and identity attestation, telemetry-backed control health, and secure-by-default design principles. Able to guide technical direction while maintaining an outcome-oriented focus on risk and business enablement.
Customer orientation.
Commitment to aligning security with user productivity and business velocity. You make the secure path the easy path by designing with adoption metrics, time-to-task measures, and usability principles that reduce friction and increase compliance.
Automation-first mindset.
Vision for automation and assurance at scale—policy-as-code, infrastructure-as-code, and self-healing control pipelines. You drive automation as an organizational standard, not a team project.
Execution under pressure.
Proven ability to operate at enterprise scale, balancing competing priorities, making decisive calls amid ambiguity, and sequencing delivery to align with risk and business imperatives.
Collaboration at scale.
Recognized cross-functional influencer who builds durable partnerships with IT and business leaders to integrate controls into enterprise systems without slowing delivery.
Agile workflows.
Demonstrated ability to manage complex program portfolios, align teams around outcomes, and implement iterative governance practices that improve velocity and transparency at scale.
Influence and communication.
Executive presence, clarity, and precision. You communicate with credibility to both engineers and executives, aligning diverse stakeholders and inspiring accountability.
Evidence of impact.
Track record of measurable reductions in enterprise risk exposure—measured through company-wide metrics such as control coverage, incident reduction, or posture improvement.
Credentials.
Bachelor’s degree or equivalent experience required; advanced degree preferred.
Reliability and flexibility.
Comfortable operating globally and supporting critical escalations when required. Able to balance operational tempo with long-term strategy.
Must be comfortable regularly exercising discretion and independent judgment in performing job duties, including evaluating options, making informed decisions, and determining appropriate courses of action within the scope of assigned responsibilities.
We expect this position to be filled by 1/10/2026.
Notice to Applicants for Jobs Located in NYC or Remote Jobs Associated With Office in NYC Only
We use Covey as part of our hiring and/or promotional process for jobs in NYC and certain features may qualify it as an AEDT in NYC. As part of the hiring and/or promotion process, we provide Covey with job requirements and candidate submitted applications. We began using Covey Scout for Inbound from August 21, 2023, through December 21, 2023, and resumed using Covey Scout for Inbound again on June 29, 2024.
The Covey tool has been reviewed by an independent auditor. Results of the audit may be viewed here: Covey
Compensation
The successful candidate’s starting pay will fall within the pay range listed below and is determined based on job-related factors including, but not limited to, skills, experience, qualifications, work location, and market conditions. Base salary is localized according to an employee’s work location. Ranges are market-dependent and may be modified in the future.
In addition to base salary, the compensation for this role includes opportunities for equity grants. Talk to your recruiter for more information.
DoorDash cares about you and your overall well-being. That’s why we offer a comprehensive benefits package to all regular employees, which includes a 401(k) plan with employer matching, 16 weeks of paid parental leave, wellness benefits, commuter benefits match, paid time off and paid sick leave in compliance with applicable laws (e.g. Colorado Healthy Families and Workplaces Act). DoorDash also offers medical, dental, and vision benefits, 11 paid holidays, disability and basic life insurance, family-forming assistance, and a mental health program, among others.
To learn more about our benefits, visit our careers page here.
See Below For Paid Time Off Details
For Salaried Roles: flexible paid time off/vacation, plus 80 hours of paid sick time per year.
For Hourly Roles: vacation accrued at about 1 hour for every 25.97 hours worked (e.g. about 6.7 hours/month if working 40 hours/week; about 3.4
