GRC Manager

About the Role

Uber's Engineering Security team is seeking a GRC Engineering Manager (L5B) in India with a

strong engineering mindset to drive the modernization of our global Governance, Risk, and

Compliance (GRC) programs. This role is primarily responsible for identifying and executing

opportunities to scale and streamline GRC functions through AI, automation, and engineering-driven process design.

The successful candidate will focus on building solutions that bring efficiency, accuracy, expanded scope, and resilience to our global risk, compliance, and assurance programs. This includes designing and implementing scalable architectures, integrating intelligent automation, and partnering closely with both regional and global leaders to execute against cross-functional goals.

This is an ideal role for a technologist or architect who understands GRC principles but thrives in building systems that transform manual compliance work into intelligent, data-driven operations.

Management Model: Matrixed, Cross-Functional Collaboration

This role operates within a matrixed global structure:

• The GRC Engineering Manager will have a hard reporting line to the Engineering Security Director in India, who leads the APAC Security Risk & Compliance organization.
• The role will also have dotted-line reporting to the Engineering Security Director in the US, who is overall leader for Global Security Risk & Compliance and will partner with the U.S. based program managers responsible for various GRC functions.

What You'll Do

Engineering & Innovation

• Architect and implement scalable, automated solutions to modernize GRC operations.
• Embed AI and machine learning into risk and compliance processes to improve efficiency, scope, and accuracy.
• Design data pipelines, automation workflows, and dashboards to support continuous compliance and decision-making.

Cross-Functional Collaboration

• Work closely with global program owners to deliver localized execution of strategic initiatives.
• Partner with security, compliance, legal, and engineering teams to align system design with business and regulatory requirements.
• Serve as a bridge between engineering execution and program-level governance goals.

Leadership & Execution

• Contribute to the design and delivery of risk, trust, and compliance services including customer assurance, vendor risk, and data governance initiatives.
• Lead and mentor a team of engineers and analysts, driving a culture of innovation and accountability. Be responsible for their performance and career growth.
• Deliver on shared objectives in partnership with dotted-line stakeholders while managing operational stability.

Basic Qualifications

• Bachelor's degree in Computer Science, Engineering, Cybersecurity, Information Systems, or related technical field.
• 12+ years of experience in security engineering, risk automation, or compliance architecture roles.
• Proven experience delivering AI/ML or automation-driven solutions in risk or compliance domains.
• Proficiency in scripting or programming (e.g., Python, PowerShell, SQL) for automation and data integration.
• Strong leadership in matrixed or global environments with cross-functional stakeholders.

Preferred Qualifications

• Advanced certifications such as CISSP, CRISC, or equivalent with a technical or architectural focus.
• Experience operationalizing controls, metrics, or audits via technology platforms (e.g., GRC tools, workflow engines, custom dashboards).
• Familiarity with frameworks such as NIST, ISO 27001, or SOC 2, especially in the context of engineering implementation.
• Demonstrated success in building GRC tools, pipelines, or systems that deliver real-time insights and scalable controls.

Excellent communication and collaboration skills to interface across engineering, legal, and business teams.

We welcome people from all backgrounds who seek the opportunity to help build a future where everyone and everything can move independently. If you have the curiosity, passion, and collaborative spirit, work with us, and let’s move the world forward, together.

Offices continue to be central to collaboration and Uber’s cultural identity. Unless formally approved to work fully remotely, Uber expects employees to spend at least half of their work time in their assigned office. For certain roles, such as those based at green-light hubs, employees are expected to be in-office for 100% of their time. Please speak with your recruiter to better understand in-office expectations for this role.

*Accommodations may be available based on religious and/or medical conditions, or as required by applicable law. To request an accommodation, please reach out to accommodations@uber.com.