Facebook pixel

Application Security Engineer
Posted on 2/11/2022
INACTIVE
Locations
Remote • United States
Experience Level
Entry
Junior
Mid
Senior
Expert
Desired Skills
Android Development
iOS/Swift
Java
Kotlin
Management
Kubernetes
Python
Requirements
  • 5+ years of experience as an application engineer or an information security discipline
  • Deep understanding of each OWASP top 10 vulnerability, microservices security and design
  • You are interested in analyzing code, architecture and design from a security perspective
  • Experience with implementing and managing CI/CD pipeline security
  • Breadth of technical experience across various application security areas running in large production environments
  • Exceptional analytical and investigative abilities with hands-on experience leading root cause analysis
  • Experience solving complex, systemic issues that require creative thinking and solutions
  • Demonstrated track record of driving improvements to a company's security posture
  • Excellent verbal and written communication skills - you can explain security design with respect to cloud infrastructure to security and engineering personnel
  • GWEB, GSSP, SSP or other industry certifications are a plus
Responsibilities
  • Work directly with engineering and security leaders to enact security strategies for DoorDash's applications
  • Be hands-on and perform manual and automated code reviews to identify vulnerabilities in APIs, microservices and mobile apps (Android and iOS)
  • Conduct regular application security assessments
  • Define, document and implement security standards, guidelines and procedures for secure operations
  • As part of architectural and design review committees, provide actionable feedback in engineering design reviews
  • Manage the lifecycle of application vulnerabilities, from identification to remediation and reporting and metrics
  • Integrate and manage security tools into the CI/CD process
  • Ensure applications running within the cloud environment honor the requirements of information security policy and standards for segmentation and configuration
  • Develop and implement secure network and process controls for Kubernetes environments
  • Manage the lifecycle of application vulnerabilities, from identification to remediation and reporting and metrics
  • Develop tools and automated tests for improving our Security efficiency
Desired Qualifications
  • Well versed with scripting languages (e.g., python) and other programming languages (e.g., java). Kotlin experience is a plus
  • Internal Bug Bounty program management experience is a plus
DoorDash

5,001-10,000 employees

Local food delivery from restaurants
Company Overview
DoorDash is working to empower local communities and in turn, creating new ways for people to earn, work, and thrive. The company operates the largest food delivery platform in the United States.
Benefits
  • Health & Wellness - Premium medical, dental, and vision insurance plans, including fertility coverage. Monthly gym and wellness reimbursement.
  • Compensation - Competitive salary with bi-annual performance reviews. Meaningful equity opportunities - with quarterly vesting.
  • Time When You Need It - Flexible vacation days for salaried employees. Generous vacation and sick days for hourly team members. Paid Parental Leave to support our DoorDash families.
  • Flexible Work Support - At-home office equipment and monthly WiFi support while working from home. Enjoy your favorite lunch on us while working in one of our offices.
Company Values
  • We are one team
  • Make room at the table. We’re committed to growing and empowering a more diverse and inclusive community. We believe that true innovation happens when everyone has the tools, resources and opportunity to thrive.
  • Think outside the room. We strive to be as inclusive as possible and consider those who may not be in the room when making decisions.
  • One team, one fight. We’re in this together, and both success and failure are shared. We are intentional about creating a high-accountability, no-blame culture.