Engineering Manager, Red Team

DoorDash's Red Team exists to find critical attack paths before real adversaries do. We operate across the full adversary simulation lifecycle — scoping threat-informed engagements, executing realistic attack chains, and working with engineering and detection teams to close the gaps we uncover. Our attack surface spans a multi-sided marketplace: consumer and merchant data, payment systems, driver logistics, and the cloud-native infrastructure that ties it all together.

We're looking for a leader who can take this team to the next level.

We need an offensive security leader who stays close to the work. As the Engineering Manager of the Red Team, you'll inherit an existing team, level it up, expand headcount, and build the partnerships needed to turn red team findings into real engineering change. This is a player-coach role — you'll set strategic direction while staying hands-on with engagement scoping, tradecraft, and tooling decisions.

You'll report to the Director of Global Security Services.

• Define the red team's strategic roadmap — engagement cadence, target prioritization, and capability development — aligned to DoorDash's threat landscape.
• Lead, coach, and grow a team of offensive security engineers. Hire intentionally to fill capability gaps as the team scales.
• Stay technically involved in engagement scoping, methodology, and tooling architecture. Guide adversary simulation, not just manage it.
• Drive remediation outcomes cross-functionally — partner with detection/response, AppSec, infrastructure security, and product engineering to make sure findings get fixed, not just documented.
• Build purple team workflows with detection engineering to validate and improve defensive coverage.
• Direct the development of red team infrastructure and custom tooling as production-quality software.
• Translate offensive findings into risk language that engineers, VPs, and non-technical stakeholders can act on.
• Design repeatable processes and metrics that communicate the team's value in terms of risk reduction, not just finding count.

• 7+ years of offensive security experience (red teaming, adversary simulation, penetration testing) with at least 3 years managing offensive security practitioners.
• Deep, hands-on red team expertise — you speak fluently about TTPs, attack chains, tradecraft, and tooling because you've done the work, not just managed it. Demonstrated player-coach balance between technical depth and management responsibilities.
• Track record of shaping security strategy beyond your own team — influencing engineering, product, or infrastructure organizations to prioritize and act on findings, not just document them.
• Experience with cloud-native offensive operations (AWS/GCP, Kubernetes, containerized microservices, CI/CD pipelines) and building or directing custom offensive tooling as engineered software, not just scripts.
• People-first leadership — you coach, develop careers, provide honest feedback, and build team culture where offensive security practitioners grow.
• Strong cross-functional influence — you can convince an engineering VP to allocate sprint capacity for remediation, partner with detection teams without being adversarial, and communicate the value of a red team in terms of risk reduction, not finding count.

• Experience operating red teams at a marketplace, fintech, or logistics company at scale.
• Background building or directing custom offensive tooling and C2 infrastructure.
• Purple team experience — collaborative detection validation with blue team/DFIR partners.
• Familiarity with threat intelligence-driven engagement scoping (mapping real adversary TTPs to organizational attack surface).
• Experience with global or distributed teams across time zones.
• Relevant certifications: OSCP, OSCE, GXPN, CRTO, CRTL, or similar.