Engineering Security, Safety & Security in Seattle, WA
At Uber, we ignite opportunity by setting the world in motion. We take on big problems to help drivers, riders, delivery partners, and eaters get moving in more than 600 cities around the world.
We welcome people from all backgrounds who seek the opportunity to help build a future where everyone and everything can move independently. If you have the curiosity, passion, and collaborative spirit, work with us, and let’s move the world forward, together.
About the Role
As a member of Threat Response you will help develop a culture where creativity, inclusion, and quality are key values. You’ll research, analyze and track threats targeting Uber and its industry sectors and leverage that knowledge to influence cyber security initiatives. You will establish, maintain and deepen partnerships with the broader threat intelligence community, contributing to and benefiting from security defenders globally.
What You’ll Do
Apply your analytical knowledge, tools, and tradecraft to provide insight, predictive warning, and actionable intelligence to partner teams and customers
Produce actionable short-term and long-term written assessments and brief the organization on emerging trends, threat actors, and their tactics, techniques, and procedures (TTPs)
Partner with the Security Response and Threat Detection programs, enhancing both functions through your threat research
Produce threat intelligence and threat indicator feeds through intelligence analysis against internal Uber data sources including threat alerting, investigations and incident responses
Collect, process, curate, and apply external and internal threat intelligence feeds to the Uber detection platform and security controls
Provide written Threat Intelligence briefs to executives and business leaders
What You’ll Need
Minimum of 4 years producing actionable threat intelligence on targeted threat groups with significant impact on threat detection and defenses
Minimum of 4 years collaborating with trusted partners on threat intelligence issues to improve collective defenses
Expert knowledge of the full spectrum of adversary operations, including how to pivot between intrusion artifacts across different intrusion phases to derive new insights
Experience analyzing host and log forensic artifacts associated with targeted threat groups, including data acquisition and analysis techniques
Experience analyzing network traffic captures across protocol layers and experience with how adversaries utilize a range of application/transport/network protocols for their operations
Experience analyzing advanced malware samples deployed in intrusion campaigns targeting significant public or private sector organizations
Hands-on understanding of persistence and command and control mechanisms used by adversaries
Experience with long-term tracking and analysis of multiple distinct targeted threat groups, documenting their campaigns, capabilities, TTPs, and objectives / intent
Bonus Points If
Tool development and automation using Python, Go or other programming / scripting languages
About the Team
Uber’s Threat Response team is responsible for detecting, investigating, and orchestrating the successful defense of threats targeting Uber’s infrastructure, services, and millions of users globally.
At Uber we don’t just accept difference—we celebrate it, we support it, and we thrive on it for the benefit of our employees, our products and our community. Uber is proud to be an equal opportunity workplace. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status.