Skip to main content
Uber

Tell us your location

Please enter your nearest city name to help us display the correct information for your area

Senior Security Strategist

Engineering Security, Safety & Security in San Francisco, CA

At Uber, we ignite opportunity by setting the world in motion. We take on big problems to help drivers, riders, delivery partners, and eaters get moving in more than 600 cities around the world.

 

We welcome people from all backgrounds who seek the opportunity to help build a future where everyone and everything can move independently. If you have the curiosity, passion, and collaborative spirit, work with us, and let’s move the world forward, together.

About the job

Uber's Security team works to ensure the security of information for our full set of users - riders, eaters, drivers and partners. Our ultimate goal is to ensure that every experience with Uber is simple, secure, and safe.

 

We are seeking a talented Security Strategist to join our Security Assurance team in San Francisco, who will concentrate their efforts on developing and maintaining Uber’s security compliance program. The Security Strategist will dive head first into developing sustainable solutions for complex regulatory and industry standard requirements, and helping secure everything from the corporate network to the production computation environment.

 

Who you are

You immerse yourself in all aspects of security. You have a passion for optimizing costly, time consuming processes and automating manual tasks. You have knowledge of open source technologies and tools that an be used to support Uber’s microservice architecture. You have strong understanding of DevOps and infrastructure automation techniques, including supporting tools and technologies.

 

What you'll do

You’ll be tasked with developing and maintaining Uber’s security compliance program. The security compliance program will assist Uber in meeting complex regulatory and industry standard requirements and it will operate at significant scale. You will:

  • Oversee and periodically report on control performance.
  • Drive the execution of compliance initiatives related to access management, change management, vulnerability management, security by design, etc.
  • Advise on control requirements, identify gaps, and oversee remediation efforts by partnering with control owners and engineers on design and implementation.
  • Bring together technical and security experts to solve problems efficiently. Enhance compliance tool features to enable control automation and real-time monitoring.
  • Act as the liaison between Internal Audit and Engineering Security, and the broader Engineering community on developing, testing, and reporting on various compliance related requirements.
  • Organize and improve any communications and processes to better support a reliable control environment.

 

What you'll need

  • 2 to 5 years of experience in implementing and operating programs for security compliance, IT compliance, or security risk management.
  • BA/BS or MS degree in Computer Science, Engineering, Information Security, Management Information Systems, or equivalent practical experience.
  • Experience implementing  some or all of the following frameworks and standards: COBIT, ISO 27001/2, NIST, PCI DSS, SANS CIS, HIPAA, SOX, SOC.
  • Experience working with engineers to automate security controls.
  • Strong program management background.
  • Excellent organizational and communications skills.
  • Detail oriented and thorough in documentation and deliverables.
  • Experience in basic data analysis and reporting. Proficient with Microsoft Office and Google Suite.
  • An entrepreneurial mindset and a positive, can-do attitude.

 

Bonus points if

  • Experience developing new and/or advanced technical solutions.
  • Technical certifications in IT Audit or Security such as CISSP, CISA, CISM.
  • GRC tool implementation experience.
  • Business Process Improvement experience, including proficiency in process mapping tools (Omnigraffle, MS Visio, or Lucid).
  • Experience working in a DevOps or microservice environment
  • Experience working on various external customer-facing activities to ensure customer understanding and comfort over Uber’s security controls and processes.
  • Experience assessing third-party vendor security.

Perks

  • The rare opportunity to change the way the world moves. We're not just another social web app, we're moving real people and assets and reinventing transportation and logistics globally.
  • Smart, engaged co-workers.
  • Employees are given Uber credits every month.

Benefits

  • 401(k) plan, gym reimbursement, ten paid company holidays.
  • Full medical/dental/vision package to fit your needs.
  • Unlimited vacation policy; work hard and take time when you need it.

Uber is an equal opportunity employer and enthusiastically encourages people from a wide variety of backgrounds and experiences to apply. Uber does not discriminate on the basis of race, color, religion, sex (including pregnancy), gender, national origin, citizenship, age, mental or physical disability, veteran status, marital status, sexual orientation or any other basis prohibited by law.


See our Candidate Privacy Statement

At Uber we don’t just accept difference—we celebrate it, we support it, and we thrive on it for the benefit of our employees, our products and our community. Uber is proud to be an equal opportunity workplace. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status.