The security organization at Uber is dedicated to enabling safe and secure innovation while protecting the communities we serve both online and in the physical world. Our teams are responsible for protecting both people and their data across intersections of the digital and physical world. The primary objective of the Uber Engineering Security team is to enable the technical ambitions of the company while maintaining the highest standards of security and privacy for our customers and partners. As cybersecurity threats evolve, so do we.

About the Role

Core Security Engineering’s mission is to make the Uber environment secure by default and provide industry-leading products and services to all Uber's production services and infrastructure. We are focused on building both security primitives and end-user products that help Uber engineers to secure their service, build trust, and advance security to enable our global business.

We are looking for a Sr Software Engineer with cryptography domain expertise to join our Identity and Access Management Team. We are responsible for providing and managing Identity, Encryption key material for all of Uber’s services. You’ll work on critical distributed multi-cloud services at a massive scale built with best security practices at the forefront.

You’ll be responsible for long-term decisions on leveraging next gen infra to continuously scale and operate such foundational security services.

What you’ll do

You will be joining a team responsible for Identity and Access Management at Uber scale and have an opportunity to work on:

• Cryptography services.
• Public Key Infrastructure.
• Tools responsible for human and device identity lifecycle management.
• Architecture, Implementation, and scaling of Certification Authorities, Validation Authorities, and Registration Authority roles.
• Device, User Certificate life cycle management.
• Design and implement resilient and reliable mico services to support create, manage, distribute and recycle digital certificates.
• Build scalable cryptographic systems that support NIST, FIPS, SOX and HIPPA compliance requirements for X.509 and key management services
• Provide interoperability with enrollment services and LDAP directories

Basic Qualifications

• 5+ years of experience in Tools and Technology development in cryptography, Public Key Infrastructure, or a related field.
• 5+ years of experience in a backend development role participating in the SDLC (coding, design/architecture, testing, etc).
• Expertise in C++, C#, Golang, Java, or Python.
• Deep understanding of Infrastructure security spanning across public cloud and on-premise environments.
• Developing and managing tooling required for Certification Authority, Validation Authority, and Registration Authority roles.
• Certificate life cycle management.
• Deep domain-level knowledge of PKI and able to deliver design and architecture models to mature the environment.

Preferred Qualifications

• Experience in Microservices Architecture.
• Experience with Front end and Backend software development.
• Extensive experience (5+ years) designing and implementing large enterprise-grade systems that scale to the business requirements.
• Domain expertise in Single-sign-on and MultiFactor Authentication systems.
• Experience in developing tooling for Identity and Access Management.

For Sunnyvale, CA-based roles: The base salary range for this role is $174,000 per year - $193,500 per year.

You will be eligible to participate in Uber's bonus program, and may be offered an equity award & other types of comp. You will also be eligible for various benefits. More details can be found at the following link https://www.uber.com/careers/benefits.

Uber is proud to be an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you have a disability or special need that requires accommodation, please let us know by completing this form.

Offices continue to be central to collaboration and Uber’s cultural identity. Unless formally approved to work fully remotely, Uber expects employees to spend at least half of their work time in their assigned office. For certain roles, such as those based at green-light hubs, employees are expected to be in-office for 100% of their time. Please speak with your recruiter to better understand in-office expectations for this role.

The security organization at Uber is dedicated to enabling safe and secure innovation while protecting the communities we serve both online and in the physical world. Our teams are responsible for protecting both people and their data across intersections of the digital and physical world. The primary objective for Uber Engineering Security team is to enable the technical ambitions of the company while maintaining the highest standards of security and privacy for our customers and partners. As cybersecurity threats evolve, so do we.

About the Role

Uber’s Engineering Security organization is looking for a Cloud Security Engineering Manager to lead our cloud security engineering tooling team. In this role you will be responsible for leading a team of highly skilled software and security engineers who think ‘cloud-native’ and whose principal mission is to build hybrid cloud security tooling. You will work closely with our product engineering and operations teams to bridge the gap between private and public cloud services, working on our next-generation multi-cloud platform design building integrated security services. This is a unique opportunity for an engineering manager who is collaborative and has a healthy sense of curiosity to join Uber Engineering Security to make real positive impacts to our security posture, lead the strategic direction and evolution of our cloudsec tooling, and help us improve our security designs at scale in our next-gen of systems and services.

What You'll Do

• Lead, manage, and develop our geographically distributed cloudsec engineering security team. Mentor and teach junior software engineers
• Manage a team that designs, builds and deploys in-house cloud services and tooling specific for hybrid cloud security (container security, kubernetes) and automation services
• Partner with internal customers such as infrastructure, IAM, operations and governance teams to build tooling and technology to optimize continuous deployment, monitoring and secure baseline assessment technologies.
• Create quality written work products and engineering artifacts for both technical engineering and non-technical consumers
• Be a domain expert and ambassador to Uber Engineering and our subsidiaries, for cloud security standard processes, and all related aspects of cloud security pertaining to production services security
• Work with product teams throughout the company to provide cloud security guidance to remediate known public cloud configuration vulnerabilities

Basic Qualifications

• B.S. in Computer Science, Electrical, or Computer Engineering (or more), and equivalent work experience as a software engineering or security practitioner
• Programming skills in at least two of: Java, Go, Python (bonus points for more than one).
• 2+ years of management experience, and 6+ years overall of relevant software engineering, product development and/or security engineering
• Have a formal knowledge of cloud security assessments, container security, and be able to translate how cloud security complements typical application and systems security.
• Ability to problems solve and make complex analytical decisions with less than full information in ambiguous situations and environments

Preferred Qualifications

• You have great social skills, deep technical ability, and a history of successful execution in cloud security engineering and product development within industry.
• Prior experience leading teams over multiple locations
• Experience working with in-house engineering organizations, S-SDLC/CICD software lifecycle and QA processes, and understanding of software security architecture principles.
• Familiarity with deployment of application architectures within 2 or more of Azure, AWS, OCI and GCP public cloud providers

For San Francisco, CA-based roles: The base salary range for this role is $216,000 per year - $240,000 per year.

For Seattle, WA-based roles: The base salary range for this role is $216,000 per year - $240,000 per year.

For Sunnyvale, CA-based roles: The base salary range for this role is $216,000 per year - $240,000 per year.

For all US locations, you will be eligible to participate in Uber's bonus program, and may be offered an equity award & other types of comp. You will also be eligible for various benefits. More details can be found at the following link https://www.uber.com/careers/benefits.

Uber is proud to be an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you have a disability or special need that requires accommodation, please let us know by completing this form.

Offices continue to be central to collaboration and Uber’s cultural identity. Unless formally approved to work fully remotely, Uber expects employees to spend at least half of their work time in their assigned office. For certain roles, such as those based at green-light hubs, employees are expected to be in-office for 100% of their time. Please speak with your recruiter to better understand in-office expectations for this role.

Core Security Engineering’s mission is to make the Uber environment secure by default and provide industry-leading products and services to all Uber's production services and infrastructure. We are passionate about building both security primitives and end-user products that help Uber engineers to secure their service, build trust, and advance security to enable our global business.

About the Role

We are looking for a Staff Security Engineer with IAM domain expertise to join our Trusted Identity Organization. We build and maintain Identity, Encryption key material for all of Uber’s services. You’ll work on critical distributed multi-cloud services at scale built with the best security practices at the forefront.

You’ll drive long-term decisions and leverage next generation infrastructure technologies to continuously scale and operate such foundational security services.

What you will do

You will be joining a team responsible for IAM at Uber and have an opportunity to work on:

• Run time SAML and OIDC authentication for micro services running on multi cloud and on-premises environments.
• Tools responsible for human and device identity lifecycle management.
• Architecture, Implementation, and scaling of Certification Authorities, Validation Authorities, and Registration Authority roles.
• Design and implement resilient and reliable mico services to support build, run, distribute and recycle digital identities and manage life cycle.
• Provide interoperability with enrollment services and LDAP directories.

Basic Qualification

• 5+ years of experience in a backend development role participating in the SDLC (coding, design/architecture, testing, etc).
• 5+ years of experience in Tools and Technology development in Identity and Access Management, Public Key Infrastructure, or a related field.
• Expertise in C++, C#, Golang, Java, or Python.
• Deep understanding of Infrastructure security spanning across public cloud and on-premise environments.

Preferred Qualification

• Experience in Microservices Architecture.
• Experience with Front end and Backend software development.
• Extensive experience (5+ years) designing and implementing large enterprise-grade systems that scale to the business requirements.
• Domain expertise in Single-sign-on and MultiFactor Authentication systems.
• Experience in developing tooling for Identity and Access Management.

For Sunnyvale, CA-based roles: The base salary range for this role is $216,000 per year - $240,000 per year.

You will be eligible to participate in Uber's bonus program, and may be offered an equity award & other types of comp. You will also be eligible for various benefits. More details can be found at the following link https://www.uber.com/careers/benefits.

Uber is proud to be an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you have a disability or special need that requires accommodation, please let us know by completing this form.

Offices continue to be central to collaboration and Uber’s cultural identity. Unless formally approved to work fully remotely, Uber expects employees to spend at least half of their work time in their assigned office. For certain roles, such as those based at green-light hubs, employees are expected to be in-office for 100% of their time. Please speak with your recruiter to better understand in-office expectations for this role.

The security organization at Uber is dedicated to enabling safe and secure innovation while protecting the communities we serve both online and in the physical world. Our teams are responsible for protecting both people and their data across intersections of the digital and physical world. The primary objective for Uber Engineering Security team is to enable the technical ambitions of the company while maintaining the highest standards of security and privacy for our customers and partners. As cybersecurity threats evolve, so do we.

About the Role

The senior risk lead is responsible for the effective assumption of manageable risk and helps the organization avoid anything that might threaten the successful execution of the company’s duties by developing a risk management framework that anticipates, identifies, eliminates and/or mitigates threats to keep the company operating effectively

What You'll Do

• Implement a new information security risk framework, including a robust risk prioritization and quantification methodology to deliver effective and pragmatic risk solutions to pressing cybersecurity problems.
• Perform technical security risk assessments of computing environments to identify points of vulnerability, non-compliance, with established IA standards and regulations.
• Provide subject matter expertise and collaborate with various issue and risk owners to understand gaps, develop appropriate compensating controls and mitigating strategy, or remediation plans to improve security
• Monitor the external threat environment for emerging threats
• Evaluate operational risks and formulate strategies to overcome and mitigate vulnerabilities.
• Implement and oversee core risk management tools, including risk identification, risk assessment, quantification, & prioritization, and the development & execution of mitigation plans
• Establish and track key performance indicators (KPIs), Objectives and Key Results (OKRs), and other program maturity measures
• Establish partner engagement including outreach, formal training, involvement in committees, building and maintaining strong relationships, educating the broader Uber workforce in risk management principles and techniques
• Stand-up a risk management board steering committee working with stakeholder leadership team to establish appropriate risk thresholds and acceptance criteria
• Serve as an advisor and partner with risk owners in other areas of the company. For example, internal audit, payments security, physical security, financial risk management to name a few.

Basic Qualifications

• 15 years of Cybersecurity experience and 10 in Cybersecurity Risk Management
• Experience in IT regulations and implementing control frameworks like SIRA, NIST, CIS, PCI DSS, GDPR, COBIT, FISMA, HIPAA, ISO 27001, SOC2, etc.
• Experience in cyber risk quantification modeling techniques, e.g. Monte Carlo analysis, FAIR Methodology, etc.
• Experience in process automation and efficiency

Preferred Qualifications

• Ability to interpret and apply related federal, state, and local laws, ordinances, rules, regulations, etc.
• Experience in delivering robotics process automation (RPA) solutions for GRC functions
• Ability to establish and maintain effective working relationships
• Ability to deliver best of breed security solutions, solve complex security and risk problems, through understanding of tech stack to define, drive, and execute implementation of end to end solutions
• Ability to communicate complex topics effectively to all levels of management including executives

At Uber, we ignite opportunity by setting the world in motion. We take on big problems to help drivers, riders, delivery partners, and eaters get moving in more than 600 cities around the world.

We welcome people from all backgrounds who seek the opportunity to help build a future where everyone and everything can move independently. If you have a curiosity, passion and collaborative spirit, work with us, and let’s move the world forward, together.

Uber is proud to be an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements.

If you have a disability or special need that requires accommodation, please let us know by completing this form.

For San Francisco, CA-based roles: The base salary range for this role is $220,000 per year - $244,000 per year.

For Seattle, WA-based roles: The base salary range for this role is $220,000 per year - $244,000 per year.

For Sunnyvale, CA-based roles: The base salary range for this role is $220,000 per year - $244,000 per year.

For all US locations, you will be eligible to participate in Uber's bonus program, and may be offered an equity award & other types of comp. You will also be eligible for various benefits. More details can be found at the following link https://www.uber.com/careers/benefits.

Uber is proud to be an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you have a disability or special need that requires accommodation, please let us know by completing this form.

Offices continue to be central to collaboration and Uber’s cultural identity. Unless formally approved to work fully remotely, Uber expects employees to spend at least half of their work time in their assigned office. For certain roles, such as those based at green-light hubs, employees are expected to be in-office for 100% of their time. Please speak with your recruiter to better understand in-office expectations for this role.

The security organization at Uber is dedicated to enabling safe and secure innovation while protecting the communities we serve both online and in the physical world. Our teams are responsible for protecting both people and their data across intersections of the digital and physical world. The primary objective for Uber Engineering Security team is to enable the technical ambitions of the company while maintaining the highest standards of security and privacy for our customers and partners. As cybersecurity threats evolve, so do we.

About the Role

Core Security Engineering’s mission is to make the Uber environment secure by default and to provide industry leading products and services to all our users, services and infrastructure. We build both security primitives and end users products that help Uber engineers to secure their service, build trust, and advance security to enable our global business.

What You'll Do

• Define clear scope of projects and deliver the program objectives with critical timelines working with large team of engineers and stakeholders.
• Recruit, mentor talent, and develop a strong technical team.
• Establish and communicate team vision and goals
• Work with partners to develop product and technology roadmap for identity and access management organization and align with multi-functional requirements.
• Drive team progress to plan and deliver against the roadmap.
• Drive the engineering standards and team’s critical metrics that align with the larger organization and Uber engineering vision.
• Nurture multi-functional, cross-team collaboration by building positive relationships across multiple Uber engineers teams across Uber and with other partners.

Basic Qualifications

• Bachelor's degree in computer science or related field.
• 3+years of experience managing software engineering teams with a solid understanding of security systems design and architecture.
• Experience in building highly scalable, reliable and fault tolerant systems for business critical applications
• Experience leading agile development and adopting engineering best practices with well defined goals and metrics.
• Ability to hire, empower, develop and retain top talent and build a dynamic and impactful team.

Preferred Qualifications

• Knowledge of highly scalable security systems in the area of run time authentication, authorization and global login services.
• Knowledge of building secure IAM and Directory services.
• A strategic mentality, comfortable thinking far ahead of where the team is at now
• Creative problem solver, having an excellent understanding of business goals and able to identify and solve high impact, highly complex problems
• Excellent execution, organization and collaboration skills
• Biased toward action, able to do more with less and turn would-be blockers into opportunities for growth

At Uber, we ignite opportunity by setting the world in motion. We take on big problems to help drivers, riders, delivery partners, and eaters get moving in more than 600 cities around the world.

We welcome people from all backgrounds who seek the opportunity to help build a future where everyone and everything can move independently. If you have a curiosity, passion and collaborative spirit, work with us, and let’s move the world forward, together.

Uber is proud to be an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements.

If you have a disability or special need that requires accommodation, please let us know by completing this form.

For San Francisco, CA-based roles: The base salary range for this role is $216,000 per year - $240,000 per year.

For Seattle, WA-based roles: The base salary range for this role is $216,000 per year - $240,000 per year.

For Sunnyvale, CA-based roles: The base salary range for this role is $216,000 per year - $240,000 per year.

For all US locations, you will be eligible to participate in Uber's bonus program, and may be offered an equity award & other types of comp. You will also be eligible for various benefits. More details can be found at the following link https://www.uber.com/careers/benefits.

Uber is proud to be an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you have a disability or special need that requires accommodation, please let us know by completing this form.

Offices continue to be central to collaboration and Uber’s cultural identity. Unless formally approved to work fully remotely, Uber expects employees to spend at least half of their work time in their assigned office. For certain roles, such as those based at green-light hubs, employees are expected to be in-office for 100% of their time. Please speak with your recruiter to better understand in-office expectations for this role.