Sr. Security Strategist - Payments
About the Role
Uber's Engineering Security team works to ensure the security of information for our full set of users - riders, eaters, drivers and partners. Our ultimate goal is to ensure that every experience with Uber is simple, secure, and safe.
We are seeking a talented Senior Security Strategist to join our Security Assurance team, to develop and maintain Uber's payment security compliance program.
What You Will Do:
You'll be tasked with leading and operating Uber's payment security compliance program, which will assist Uber in meeting complex strategic, regulatory and industry standard requirements, operating at significant scale. You will:
- Manage the strategy, development and ongoing implementation of Uber's payment security compliance requirements including but not limited to PSD2, NYDFS, and Mexico FinTech Law (IFPE security requirements).
- Assess payment security risks, and evaluate the efficacy of controls designed to help address risks. Partner effectively across the organization to track remediation and drive improvements.
- Continuously improve generation and collection of program artifacts and documentation - e.g., data flow diagrams, policies, risk assessment, audit evidence, etc.
- Provide communication and training to stakeholders, to increase awareness and efficacy.
- Establish relevant metrics, KPIs and KRIs to communicate program performance.
- Work proactively and collaboratively with fellow security compliance team members to comprehensively manage strategy, execution and stakeholder needs.
- Cultivate relationships with security, engineering, legal, internal audit and business stakeholders to strengthen the payment security program and plan effectively for its future.
- B.S. degree or equivalent work experience in security, risk management, compliance, information systems or other relevant field.
- 6+ years of combined risk management, risk consulting, and / or security work experience.
- Knowledge of payments industry and related technologies
- Deep knowledge of payment security risks and global compliance requirements.
- Deep knowledge of security practices and controls applied to address payment security risks, including proven implementation experience.
- Certified Information Systems Security Professional (CISSP) or equivalent.
- Current or former PCI Internal Security Assessor (ISA) or Qualified Security Assessor (QSA).
- Experience managing global payment compliance requirements PCI and beyond - such as PSD2, GLBA, etc.
- Technical understanding of how payment and cardholder data protection controls are implemented and operating across various technologies and environments.
- Results-oriented, with demonstrated problem-solving and decision-making skills.
- Strategic thinker; ability to drive the vision and structure of the program in alignment with Uber's objectives.
- Effective stakeholder management skills; ability to influence and work across many groups and levels to develop the most effective approach.
- Excellent written and verbal communication skills.
- Advanced interpersonal skills to effectively promote ideas, collaborate across teams and influence stakeholders.
- Experience creating and refining metrics to articulate and measure program performance.
- Active and passionate in the security industry; equipped with external networking relationships to maintain relevant knowledge of best practices, tactics, strategies and technologies.
- Previous experience in a tech or fintech, DevOps, engineering-driven culture preferred.
At Uber, we ignite opportunity by setting the world in motion. We take on big problems to help drivers, riders, delivery partners, and eaters get moving in more than 10,000 cities around the world.
We welcome people from all backgrounds who seek the opportunity to help build a future where everyone and everything can move independently. If you have the curiosity, passion, and collaborative spirit, work with us, and let's move the world forward, together.
Uber is proud to be an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you have a disability or special need that requires accommodation, please let us know by completing this form.
Uber is proud to be an equal opportunity workplace. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, Veteran Status, or any other characteristic protected by law.
Europe, Middle East & Africa
United States & Canada
Life at Uber