Engineering Security, Safety, Security & Insurance in Seattle, WA
At Uber, we ignite opportunity by setting the world in motion. We take on big problems to help drivers, riders, delivery partners, and eaters get moving in more than 600 cities around the world.
We welcome people from all backgrounds who seek the opportunity to help build a future where everyone and everything can move independently. If you have the curiosity, passion, and collaborative spirit, work with us, and let’s move the world forward, together.
About the Role
The Security Engineer will perform the technical response & investigations function for Uber’s Security Response & Investigations team. This engineer will execute the strategic vision for the team and help mature a constantly evolving computer network defense program. This engineer provides procedural expertise on a day-to-day basis, and is responsible for helping to build out the program for analyzing & responding to critical events.
What You’ll Do
Detect threats and respond to compromised assets within our corporate, production, and advanced technology center environments
Execute on incident response plans, identify root cause, and drive mitigation to prevent future occurrences
Help build out technical investigations and response best practice
Investigate cases of internal abuse using forensic investigation methodologies
Refine incident response procedures. Improve existing and create new investigation & remediation workflows - automation, context and orchestration as code
Be part of Uber's first line of defense. We handle active security events and cutting-edge threats from a variety of sources, you will be part of a 24/7 oncall rotation
Assist in mitigating future threats and closing gaps through analysis of recurring incident trends - maintain incident metrics and assist in reporting to leadership
What You’ll Need
Advanced-level understanding and experience in incident response and associated best practices.
3+ years experience in identifying, analyzing, scoping, containing, and eradicating real-world threats.
Demonstrated expertise in network and host-based forensic methodologies and software.
Ability to navigate large, dirty, data sets, quickly.
Working knowledge of Linux, Windows, and OS X operating systems
Comfortable with scripting languages (Python preferred) and regular expressions.
Strong knowledge of common network protocols.
Demonstrated knowledge of enterprise-scale security technologies and capabilities to include SIEM, log analysis, incident case management, HIDS/NIDS, antivirus, full packet capture, malware analysis, firewall, remote forensics, user behavior analytics.
An understanding of the current threat landscape and adversary tactic, techniques and procedures (TTP's).
A strong desire for continuous process improvement and operational excellence.
Bonus Points If
Development experience or contributed to open-source projects.
Experience with automation and orchestration tools.
About the Team
The Security Response & Investigations team is crucial in defense of UBER’s computing environment. Monitoring, analyzing, and responding to threats targeting UBER is what defines this team. A Security Response Engineer must be agile, willing to learn, and think outside of the box in order to operate effectively in an ever changing threat landscape. This sr-career position provides an opportunity to work in a fast paced collaborative environment defending UBER from current and future cyber threats. Enjoy coming in every day to “fight for the user”; knowing your work is critical in the defense of UBER and our users.
At Uber we don’t just accept difference—we celebrate it, we support it, and we thrive on it for the benefit of our employees, our products and our community. Uber is proud to be an equal opportunity workplace. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status.