Engineering Security, Safety, Security & Insurance à San Francisco, CA
At Uber, we ignite opportunity by setting the world in motion. We take on big problems to help drivers, riders, delivery partners, and eaters get moving in more than 600 cities around the world.
We welcome people from all backgrounds who seek the opportunity to help build a future where everyone and everything can move independently. If you have the curiosity, passion, and collaborative spirit, work with us, and let’s move the world forward, together.
About the Role
The Sr. Security Incident Commander will perform the computer incident response function of the UBER-Security Response & Investigations team. The commander will work closely with the SRI Manager to execute the strategic vision for the team and help mature a constantly evolving computer network defense program. The commander provides procedural expertise on a day-to-day basis. They are responsible for being on call for security crisis management and leading mitigation efforts for critical information security events.
What You’ll Do
Respond to threats within our corporate, production, and advanced platforms environments
Execute on incident response plans, identify root cause, and drive mitigations to prevent future occurrences
Mentor and provide guidance to junior team members in communications, leadership, and response best practices
Identify and execute on projects that improve our incident response automation and incident response capabilities
Refine incident response procedures. Improve existing and create new investigation & remediation workflows
Be part of Uber's first line of defense. We handle active security events and cutting-edge threats from a variety of sources, you will be part of a 24/7 oncall rotation
Assist in mitigating future threats and closing gaps through analysis of recurring incident trends - maintain incident metrics and communicate with leadership
What You’ll Need
7+ years of information security experience in security incident handling and/or security operations
Advanced understanding and experience in Incident Response and associated best practices
Experience in identifying, analyzing, scoping, containing and eradicating current real-world security threats
An understanding of the current threat landscape and adversary tactics, techniques and procedures (TTP's)
Strong continuous process design and improvement skills
Knowledge of Linux, Windows, and OS X operating systems
Experience mitigating multiple types of security incidents: Data Exfiltration, APT, DDOS, Malware/Ransomware, Network Intrusion, Bug Bounty, etc.
Familiarity across multiple ISC2 Security Domains
Familiarity of network and server architecture and infrastructure design
Nice to Have
Knowledge of enterprise-scale security technologies and capabilities to include SIEM, log analysis, incident case management, HIDS/NIDS, antivirus, full packet capture, malware analysis, firewall, remote forensics, user behavior analytics
Knowledge of network and host-based forensic methodologies
About the Team
The Threat Response: Security Response team is crucial in defense of UBER’s computing environment. A Security Incident Commander must be agile, willing to learn, and think outside of the box in order to operate effectively in an ever changing threat landscape. This sr-career position provides an opportunity to work in a fast paced collaborative environment defending UBER from current and future cyber threats. Enjoy coming in every day to “fight for the user”; knowing your work is critical in the defense of UBER and our users.
Chez Uber, nous ne faisons pas qu'accepter la différence : nous la célébrons, nous la soutenons et nous l'encourageons pour nos collaborateurs, nos produits et notre communauté. Uber est fier d'offrir les mêmes opportunités à chacun. Nous nous engageons à offrir à tous les mêmes opportunités, quels que soient, par exemple, l'origine, la religion, l'identité et orientation sexuelle, l'âge, la nationalité, le statut marital ou le handicap.