Sr Security Technologist - Compliance
About the Role
You'll own Uber's overall IAM (identity and access management) security compliance program in production. The security compliance program helps Uber satisfy complex regulatory and industry requirements, at a significant scale. You will:
- Own the vision and mission of Uber's IAM security compliance program with a focus on efficiency and flexibility. This program enables the company to respond to new and updated compliance requirements quickly and sustainably.
- Proactively communicate on program performance via dashboards, critical metrics, etc.
- Act as a liaison between Internal Audit, Security, and Engineering to develop, test, and report on various compliance related requirements.
- Drive the execution of access control implementation across Uber's technology environment to address a wide variety of regulatory and compliance requirements.
- Identify and evaluate access control gaps and oversee remediation efforts, in partnership with control owners and rest of Uber compliance team
- Prepare, maintain, and improve documentation to support compliance efforts (e.g., Policies, Standards, Narratives).
- Help enhance GRC tool features, control automation, and real-time controls monitoring.
- 5+ years of experience implementing and operating programs for security compliance, IT compliance, or security risk management.
- BA/BS or MS degree in Computer Science, Engineering, Information Security, Management Information Systems, or equivalent practical experience.
- Experience implementing some of the following frameworks and standards: ITIL, COBIT, ISO 27001/2, NIST, PCI DSS, SANS CIS, HIPAA, SOX, SOC, CIS top 20, GDPR.
- Experience working side-by-side with engineers.
- Experience in managing cross-organization programs with demonstrated communication skills.
- Experience with detail oriented analysis and execution.
- Experience in basic data analysis and reporting.
- Experience developing new and/or advanced technical solutions.
- Technical certifications in IT Audit or Security - e.g., CISSP, CISA, CISM, etc.
- GRC tool implementation experience.
- Experience working in a DevOps or microservice environment.
- Experience working on various external customer-facing activities to ensure customer understanding and comfort over Uber's security controls and processes.
- Experience assessing third-party vendors.
- Experience working with engineers for the automation of security controls.
At Uber, we ignite opportunity by setting the world in motion. We take on big problems to help drivers, riders, delivery partners, and eaters get moving in more than 10,000 cities around the world.
We welcome people from all backgrounds who seek the opportunity to help build a future where everyone and everything can move independently. If you have the curiosity, passion, and collaborative spirit, work with us, and let's move the world forward, together.
Uber is proud to be an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you have a disability or special need that requires accommodation, please let us know by completing this form.
Uber is proud to be an equal opportunity workplace. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, Veteran Status, or any other characteristic protected by law.