Sr. Security Engineer - Vulnerability Management @ Uber - Sausalito, CA

Job Overview

15 days ago

Sr. Security Engineer - Vulnerability Management

Uber - Sausalito, CA

About the Role
We are seeking a hardworking Sr. Security Engineer to join our Vulnerability Discovery team. The new member of our team will focus on building out and scaling our asset inventory platform, as well as scaling our CORP and Infrastructure-wide security scanning capabilities. In addition, the nUber will work closely with our M&As in an effort to scale their Vulnerability Management function, close any remaining gaps, and improve patch health visibility into M&As’ endpoints, mobile, prod, COPR and cloud infrastructure. You can expect to spend 50%+ of your time implementing new security tools, improving existing ones, as well as building out and deploying new security integrations. The nUber will also lead medium- to large-scale security projects, be responsible for creating long-term project roadmaps, prioritizing project objectives, as well as executing on those objectives and roadmaps in well-defined timelines.
What You'll Do
  • Design, build and deploy automation to scale infrastructure vulnerability discovery efforts across a growing list of M&As.
  • Work closely with M&As around the world to set up and scale their Vulnerability Management function.
  • Build out and scale our asset inventory platform.
  • Drive vuln remediation across prod, CORP, cloud, endpoint and mobile assets.
  • Provide actionable security guidance to asset owners in an effort to speed up vuln remediation.
  • Mentor junior security engineers
Basic Qualifications:
  • Bachelor's in Computer Science or a related field or equivalent industry experience
  • Experience in at least one security domain (e.g., infrastructure security, web security, etc.)
  • Expertise in at least one of: Go, Java, Python, NodeJS, etc.
Preferred Qualifications:
  • Experience designing, implementing and deploying large distributed systems
  • Prior vulnerability management experience
  • Expertise in multiple security domains
  • Ability to see the big picture, build out concise, comprehensive, yet realistic project plans
  • Ability to communicate ideas and proposals concisely
  • Proven track record demonstrating impact across several teams, organizations and/or security areas
About the Team
We are a team of software engineers with security mindsets. We lead the principled vulnerability discovery initiative at Uber. We ensure that all code at Uber adheres to company-wide security standards and is devoid of known security vulnerabilities.
To that end, we design, develop and deploy automation to detect, track and remediate vulnerabilities in over 5,000 web services, endpoints, mobile devices, prod & CORP infrastructure.
In addition, we crowdsource security intelligence via our Bug Bounty program, red team exercises, as well as manual and automated security audits.
Finally, we use research-quality CFG and DFG principles to codify the latest security breakthroughs into custom queries, which we then deploy across our fleet of advanced security scanners. As a result, we expand the return on investment of our manual labor.

Similar Jobs

Security Engineer

Twitch Interactive, Inc.

San Francisco, CA

Deploy new security tooling using AWS Cloud Development Kit (CDK) and Ansible. 3+ years of demonstrated work experience with focus in areas such as systems,…

Information Security Analyst, Associate

Health Plan of San Joaquin

French Camp, CA

Basic knowledge of threat landscape, security threat and vulnerability management, and security monitoring and analytics. Uses time effectively and efficiently.

Principal Software Test Engineer NGFW/Cloud Security

Palo Alto Networks

Santa Clara, CA

You will work with a multi- functional team of engineers solving interesting problems in the area of L2-7 / Cloud security.

Sr Principal Software Test Engineer (Cloud Security)

Palo Alto Networks

Santa Clara, CA

Experience leading QA test or automation teams involved with Cloud or Network security. You will be part of a world-class software QA engineering team that…

Network Engineer, Security

Google

Sunnyvale, CA

Analyze the security of network systems from hardware to cloud services, and discover and address security issues.

Staff Security Engineer

Spire Global

San Francisco, CA

Proven experience implementing security controls. Demonstrated history and willingness to solve security problems hands-on at the code level.

Senior Security Engineer

Course Hero

Redwood City, CA

Familiar with security compliance such as, information security policies, audits and incident response. Build strong security practices around defending Course…

Staff Product Security Engineer

Five9

San Francisco, CA

8+ years of full-time security engineering or information security experience. Perform security assessments on new and existing products and cloud-based…

IT Business Systems Analyst

United Business Bank

Walnut Creek, CA

Demonstrated ability to analyze security and technology control effectiveness. Required Knowledge: Understanding of current technology and regulatory trends…

Lead Information Security Engineer

WELLS FARGO BANK

San Francisco, CA

Review and correlate security logs. Provide security consulting on large projects for internal clients to ensure conformity with corporate information, security…

Cyber Security Engineer (part-time)

Sacramento Municipal Utility District

Sacramento, CA

Skill in using security event correlation tools. Principles and practices of system security engineering, design, development, analysis, testing and security…

Senior Software Engineer, Security/Privacy, Google Cloud Platform

Google

Sunnyvale, CA

3 years of experience building software for data privacy or security (e.g., identity and access management). 5 years of experience with software development in…

Senior RF Cyber Security Engineer

General Dynamics Mission Systems, Inc

San Jose, CA

Department of Defense TS/SCI security clearance is preferred at time of hire. Applicants selected will be subject to a U.S. Government security investigation…

Reverse/Cyber Security Software Engineer

General Dynamics Mission Systems, Inc

San Jose, CA

Understanding of cyber security concepts. Department of Defense TS/SCI security clearance is preferred at time of hire.

RF/ Cyber Engineer

General Dynamics Mission Systems, Inc

San Jose, CA

Understanding of cyber security concepts. Department of Defense TS/SCI security clearance is preferred at time of hire.

Senior Principal Reverse Engineer

General Dynamics Mission Systems, Inc

San Jose, CA

Understanding of cyber security concepts. CLEARANCE REQUIREMENTS: [Department of Defense Secret security clearance is preferred at time of hire.

Sr. Security Analyst

Oportun Inc

San Carlos, CA

Provide security subject matter expertise to diverse teams through security consultation for risk analysis, remediation and solution development for…

Cyber Security Analyst

Joby Aviation

Santa Cruz, CA

Knowledge of penetration testing, network security, and the techniques used to expose and correct security flaws.

Lead Information Security Engineer

WELLS FARGO BANK

Concord, CA

Review and correlate security logs. Provide security consulting on large projects for internal clients to ensure conformity with corporate information, security…

Application Security Engineer - Crypto - Remote FT W2 + Stock Options

Kraken Digital Asset Exchange

San Francisco, CA

The engineer will also closely work with developers to diagnose, document and remediate security vulnerabilities. 3+ years of Development experience.

Senior Security Engineer

Front

San Francisco, CA

Communicate security risks to stakeholders and engineers. We are looking for an experienced security engineer to help build, manage, and scale Front’s security…

Senior Information Security Engineer

WELLS FARGO BANK

Concord, CA

3 + years of experience with network security, endpoint security, or security threat vectors. Review and correlate security logs. 1+ year of Splunk experience.

Application Security Engineer

Earnin

Palo Alto, CA

Perform security review of application design and provide security requirement. Integrate security tools into CICD. There are no loans or hidden costs.

Technologist, Product Security Engineer specializing in Cloud

Western Digital

San Jose, CA

You will mentor other security engineers and product development teams on security best practices including threat modeling and security validation.

Ad