Sr. Security Engineer - Vulnerability Management @ Uber - Mill Valley, CA

Job Overview

15 days ago

Sr. Security Engineer - Vulnerability Management

Uber - Mill Valley, CA

About the Role
We are seeking a hardworking Sr. Security Engineer to join our Vulnerability Discovery team. The new member of our team will focus on building out and scaling our asset inventory platform, as well as scaling our CORP and Infrastructure-wide security scanning capabilities. In addition, the nUber will work closely with our M&As in an effort to scale their Vulnerability Management function, close any remaining gaps, and improve patch health visibility into M&As’ endpoints, mobile, prod, COPR and cloud infrastructure. You can expect to spend 50%+ of your time implementing new security tools, improving existing ones, as well as building out and deploying new security integrations. The nUber will also lead medium- to large-scale security projects, be responsible for creating long-term project roadmaps, prioritizing project objectives, as well as executing on those objectives and roadmaps in well-defined timelines.
What You'll Do
  • Design, build and deploy automation to scale infrastructure vulnerability discovery efforts across a growing list of M&As.
  • Work closely with M&As around the world to set up and scale their Vulnerability Management function.
  • Build out and scale our asset inventory platform.
  • Drive vuln remediation across prod, CORP, cloud, endpoint and mobile assets.
  • Provide actionable security guidance to asset owners in an effort to speed up vuln remediation.
  • Mentor junior security engineers
Basic Qualifications:
  • Bachelor's in Computer Science or a related field or equivalent industry experience
  • Experience in at least one security domain (e.g., infrastructure security, web security, etc.)
  • Expertise in at least one of: Go, Java, Python, NodeJS, etc.
Preferred Qualifications:
  • Experience designing, implementing and deploying large distributed systems
  • Prior vulnerability management experience
  • Expertise in multiple security domains
  • Ability to see the big picture, build out concise, comprehensive, yet realistic project plans
  • Ability to communicate ideas and proposals concisely
  • Proven track record demonstrating impact across several teams, organizations and/or security areas
About the Team
We are a team of software engineers with security mindsets. We lead the principled vulnerability discovery initiative at Uber. We ensure that all code at Uber adheres to company-wide security standards and is devoid of known security vulnerabilities.
To that end, we design, develop and deploy automation to detect, track and remediate vulnerabilities in over 5,000 web services, endpoints, mobile devices, prod & CORP infrastructure.
In addition, we crowdsource security intelligence via our Bug Bounty program, red team exercises, as well as manual and automated security audits.
Finally, we use research-quality CFG and DFG principles to codify the latest security breakthroughs into custom queries, which we then deploy across our fleet of advanced security scanners. As a result, we expand the return on investment of our manual labor.

Similar Jobs

Security Engineer

Twitch Interactive, Inc.

San Francisco, CA

Deploy new security tooling using AWS Cloud Development Kit (CDK) and Ansible. 3+ years of demonstrated work experience with focus in areas such as systems,…

Information Security Analyst, Associate

Health Plan of San Joaquin

French Camp, CA

Basic knowledge of threat landscape, security threat and vulnerability management, and security monitoring and analytics. Uses time effectively and efficiently.

Staff Product Security Engineer

Five9

San Francisco, CA

8+ years of full-time security engineering or information security experience. Perform security assessments on new and existing products and cloud-based…

Principal Software Test Engineer NGFW/Cloud Security

Palo Alto Networks

Santa Clara, CA

You will work with a multi- functional team of engineers solving interesting problems in the area of L2-7 / Cloud security.

Sr Principal Software Test Engineer (Cloud Security)

Palo Alto Networks

Santa Clara, CA

Experience leading QA test or automation teams involved with Cloud or Network security. You will be part of a world-class software QA engineering team that…

IT Business Systems Analyst

United Business Bank

Walnut Creek, CA

Demonstrated ability to analyze security and technology control effectiveness. Required Knowledge: Understanding of current technology and regulatory trends…

Network Engineer, Security

Google

Sunnyvale, CA

Analyze the security of network systems from hardware to cloud services, and discover and address security issues.

Staff Security Engineer

Spire Global

San Francisco, CA

Proven experience implementing security controls. Demonstrated history and willingness to solve security problems hands-on at the code level.

Senior Security Engineer

Course Hero

Redwood City, CA

Familiar with security compliance such as, information security policies, audits and incident response. Build strong security practices around defending Course…

Lead Information Security Engineer

WELLS FARGO BANK

San Francisco, CA

Review and correlate security logs. Provide security consulting on large projects for internal clients to ensure conformity with corporate information, security…

Senior Software Engineer, Security/Privacy, Google Cloud Platform

Google

Sunnyvale, CA

3 years of experience building software for data privacy or security (e.g., identity and access management). 5 years of experience with software development in…

Cyber Security Engineer (part-time)

Sacramento Municipal Utility District

Sacramento, CA

Skill in using security event correlation tools. Principles and practices of system security engineering, design, development, analysis, testing and security…

Cyber Security Analyst

Joby Aviation

Santa Cruz, CA

Knowledge of penetration testing, network security, and the techniques used to expose and correct security flaws.

Senior RF Cyber Security Engineer

General Dynamics Mission Systems, Inc

San Jose, CA

Department of Defense TS/SCI security clearance is preferred at time of hire. Applicants selected will be subject to a U.S. Government security investigation…

Sr. Security Analyst

Oportun Inc

San Carlos, CA

Provide security subject matter expertise to diverse teams through security consultation for risk analysis, remediation and solution development for…

Reverse/Cyber Security Software Engineer

General Dynamics Mission Systems, Inc

San Jose, CA

Understanding of cyber security concepts. Department of Defense TS/SCI security clearance is preferred at time of hire.

RF/ Cyber Engineer

General Dynamics Mission Systems, Inc

San Jose, CA

Understanding of cyber security concepts. Department of Defense TS/SCI security clearance is preferred at time of hire.

Senior Principal Reverse Engineer

General Dynamics Mission Systems, Inc

San Jose, CA

Understanding of cyber security concepts. CLEARANCE REQUIREMENTS: [Department of Defense Secret security clearance is preferred at time of hire.

Associate Security Engineer - 100% remote - C2H position

SuryaTek LLC

Dublin, CA

Analysts assist in the development and implementation of information security technical standards, prepares status reports on information security matters to…

Security Engineer

SuryaTek LLC

Dublin, CA

The O365 Solutions engineer is primarily responsible for the design and development of O365 messaging and security solutions. Job Types: Full-time, Contract.

Application Security Engineer - Crypto - Remote FT W2 + Stock Options

Kraken Digital Asset Exchange

San Francisco, CA

The engineer will also closely work with developers to diagnose, document and remediate security vulnerabilities. 3+ years of Development experience.

Lead Information Security Engineer

WELLS FARGO BANK

Concord, CA

Review and correlate security logs. Provide security consulting on large projects for internal clients to ensure conformity with corporate information, security…

Senior Security Engineer

Front

San Francisco, CA

Communicate security risks to stakeholders and engineers. We are looking for an experienced security engineer to help build, manage, and scale Front’s security…

Application Security Engineer

Earnin

Palo Alto, CA

Perform security review of application design and provide security requirement. Integrate security tools into CICD. There are no loans or hidden costs.

Ad