Sr Security Engineer – Investigations

Job Expired

About the Team

Uber’s Security Response and Investigations (SRI) team is the cybersecurity incident response body at Uber. SRI responds to security incidents and mitigates security threats across the company. The SRI team is made of three teams: vSOC (virtual Security Operations Center), Investigations and Automation, and Incident Command. You will be joining the Investigations and Automation team.

About the Role

As a Security Engineer on the Investigations and Automation team, you will be on the ground floor, responding to security incidents, providing hands-on investigations, forensics, and response expertise, developing automation solutions, and helping to shape security responses at Uber. You will also partner closely with the security operations center analysts and incident commanders, leading incident investigations and providing mentorship to analysts.

This is an opportunity to be on the ground floor, helping to build out tools, processes and procedures, with your work affecting the company at large. This is a hands-on technical position tasked with investigating cybersecurity incidents on the Uber platform as well as against the business. You should enjoy getting your hands dirty doing complex analysis and investigations – you are comfortable being the technical expert. You will solve complex puzzles, piecing together the most obscure clues, while building and communicating solid work results. Candidates must have a driving passion for hunting down the bad guys, as well as the intuition and judgement required to efficiently prioritize their work. Candidates must have excellent communication and problem solving skills, along with experience dealing with sensitive matters effectively and respectfully.

What You Will Do

  • Conduct rapid response, mitigation, and investigations on highest priority cases impacting Uber and user data.
  • Conduct forensics investigations and present findings.
  • Develop automation to improve the consistency and efficiency of incident response.
  • Conduct threat hunting.
  • Partner with global team members to drive response and investigations globally.
  • Support and mentor analysts conducting investigations and triage.
  • Manage multiple cases and projects at once while effectively prioritizing time.
  • Produce concise yet thorough case reports for internal and external stakeholders.

Basic Qualifications

  • Must be highly experienced in the incident response lifecycle.
  • 8+ years of hands-on experience on a security engineering or operations team responding to cyber security incidents.
  • Strong foundation in security principles.
  • Cybersecurity knowledge across multiple domains such as network, hosts, applications, data, cloud and etc.
  • Strong problem-solving skills.

Preferred Qualifications

  • Experience with cybersecurity forensic methodologies and software.
  • Experience driving complex incidents or leading large investigations end-to-end.
  • Technical experience with DevOps and scripting languages for automating data gathering and investigation workflows. Experience with building automations for incident response is a plus.
  • Threat hunting experience.
  • Applied knowledge of cyber intel frameworks such as ATT&CK framework and kill-chain model.
  • Experience working crisis events for a global company. Ability to work across geographically distributed teams.
  • Certifications in Security is a plus.

Along with the extreme passion for the hunt, we’re looking for solid technical generalists. While you don’t need every skill on the list, you should be an expert in at least a few, a casual user of others, and a conceptual understanding of all.

At Uber, we reimagine the way the world moves for the better. The idea was born on a snowy night in Paris in 2008, and ever since then, our DNA of reimagination and reinvention carries on. We’ve grown into a global platform moving people and things in ever-expanding ways, taking on big problems to help drivers, riders, delivery partners, and eaters make movement happen at the push of a button for everyone, everywhere.

We welcome people from all backgrounds who seek the opportunity to help build a future where everyone and everything can move independently. If you have the curiosity, passion, and collaborative spirit, work with us, and let’s move the world forward, together.

Uber is proud to be an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you have a disability or special need that requires accommodation, please let us know by completing this form.

More Information

  • This job has expired!
Share this job

Uber

(0)

13th Anniversary Global InfoSec Awards for 2025 now open for early bird packages! Winners Announced during RSAC 2025...

X