Passer au contenu principal
Uber

Dites-nous où vous êtes

Veuillez saisir le nom de la ville la plus proche pour que nous puissions afficher les informations correspondant à votre zone

Sélectionnez votre langue

Cyber Security Auditor

Accounting, Finance & Accounting à Hyderabad, India

At Uber, we ignite opportunity by setting the world in motion. We take on big problems to help drivers, riders, delivery partners, and eaters get moving in more than 600 cities around the world.

 

 

We welcome people from all backgrounds who seek the opportunity to help build a future where everyone and everything can move independently. If you have the curiosity, passion, and collaborative spirit, work with us, and let’s move the world forward, together.

About the Role

 

 

The Cyber Security Auditor will be responsible for conducting Cyber Security Audits in an objective, thorough and timely manner. The candidate is a self-starter, customer-obsessed, analytical and has a curious mindset. This candidate will work with process/control owners that include stakeholders from Engineering, Infrastructure, Business and Security to identify risk from Uber's homegrown systems and related processes as well as support management to build out a comprehensive cyber security controls program.

 

What You’ll Do
 
  • Participation and contributing in all planning phase of the audits to understand the underlying system architecture in the context of cyber security controls, impact on the business and identify the key risks and controls to be assessed.
  • Preparation of the audit testing program and assessment of the design and implementation as well as operational effectiveness of the controls associated with the key risks identified. The testing may require usage of  data analysis techniques,, code inspection and re-performance of system processes.
  • Assessment of the risk and impact of the issues identified on reviews and presentation of the report to management.
  • Follow up with stakeholders on the due finding remediations to drive closure
  • Ad hoc work on firmwide projects around new processes or activities and investigation of incident
  • Ongoing liaison with colleagues globally and internal and external stakeholders including regulators and external auditors.
  • Maintenance of internal stakeholder relationships and regular interaction with the business during the year to assess changes in the control environment and other matters arising in the business.
  • Participate in Advisory projects to perform risk assessments of the new technology systems, applications or upgradations to determine the cyber security risks and communicate to the engineering management

 

What You’ll Need

 

  • 6+ years of relevant technology audit experience or experience in using a combination of the following technologies:
  • Experience in Cyber and Information Security risk assessments
  • In-depth Application Security knowledge, strong fundamental understanding of web application technology and network protocol stack
  • Proven experience in auditing web, android and ios based applications, firm grasp on application security standards and methodologies (OWASP, SANS PCI, NIST, CSA)
  • Development background with experience in secure code-review would be an advantage
  • Experience with Splunk and/or other SIEM platforms would be useful
  • Understanding of Networks infrastructure design, configuration parameters for review
  • Hands-on experience in conducting architecture and design reviews in the following areas:-
    • Cloud computing technologies, risks and mitigating controls
    • Database design, setup and administration (DBA) in SQL and NoSQL Database Environment
    • System hardening and configuration of servers and desktops (UNIX, Windows, Directory Services etc.)
    • Technology operations (Backups, Change Management, System monitoring, Incident/Problem Management, Identity and Access Management)
    • Business Continuity Planning and Disaster Recovery design and implementation
    • Microservices, Service Oriented Architecture, DevSecOps
  • Experience in global security and privacy standards and regulations – ISO 27001, EU GDPR, GLBA, NIST Cybersecurity framework and HIPAA etc.
  • Experience in managing audit engagements or technology projects
  • Team-oriented with a strong sense of ownership and accountability
  • Highly motivated with the ability to multi-task and remain organized in a fast-paced environment

 

Bonus Points if

 

  • Experience developing or integrating new and/or advanced technical security solutions.
  • Technical certifications in IT Audit or Security such as CISSP, CEH, OSCP CISA, CISM.

 

 

About the Team

 

  • At Uber, Tech Audit team ignite opportunity by setting the world in motion. We take on big problems to help drivers, riders, delivery partners, and eaters get moving in more than 600 cities around the world.
  • We welcome people from all backgrounds who seek the opportunity to help build a future where everyone and everything can move independently. If you have the curiosity, passion, and collaborative spirit, work with us, and let's move the world forward, together.
  • We enable business agility while intelligently managing risks through: Internal Controls, SOX Compliance, Fraud Risk Management, Operation Excellence, ERM, Investigations, Business Enablement, Cyber Security and Compliance Audits.

 


Déclaration de confidentialité pour les postulants

Chez Uber, nous ne faisons pas qu'accepter la différence : nous la célébrons, nous la soutenons et nous l'encourageons pour nos collaborateurs, nos produits et notre communauté. Uber est fier d'offrir les mêmes opportunités à chacun. Nous nous engageons à offrir à tous les mêmes opportunités, quels que soient, par exemple, l'origine, la religion, l'identité et orientation sexuelle, l'âge, la nationalité, le statut marital ou le handicap.