DoorDash is a logistics-first platform processing hundreds of millions of deliveries annually across more than 40 countries. That scale means the attack surface is enormous: a marketplace connecting over 500,000 merchant partners, millions of consumers, and a vast network of Dashers, all transacting in real time. The threat model spans payment fraud, account takeover, data exfiltration of personal and financial information, and the integrity of the logistics algorithms that route and price deliveries. Securing this system is not a theoretical exercise - it directly protects livelihoods and commerce at a global scale.
The platform's core technical domains - logistics technology and data-driven tools - generate significant security engineering challenges. Protecting the integrity of routing and pricing systems, securing massive real-time data pipelines, and hardening APIs that third-party merchants and consumers interact with are central concerns. The security team operates at the intersection of application security, infrastructure defense, fraud detection, and data protection, with work spanning local commerce, restaurant delivery, grocery delivery, and retail verticals.
Founded in 2013, DoorDash has grown from a delivery startup into a global platform. For security professionals, the draw is the sheer complexity: defending a system where a vulnerability doesn't just mean a breach, but potentially disrupts food delivery for millions or exposes the personal data of a workforce spanning dozens of countries. The engineering culture emphasizes building security into logistics infrastructure and data systems from the ground up rather than bolting it on after the fact.
