Senior Security Engineer

About the Role

Uber is seeking a Senior Security Engineer to join our Application Security team. In this role, you will help evolve and extend Ubers already highly automated AppSec platform by designing and deploying next-generation capabilities, including AI-driven vulnerability scanning, agent-based discovery, and intelligent asset indexing. You will build and operate security automation that continuously identifies vulnerabilities such as XSS, SQLi, CSRF, and more across Ubers application ecosystem.

You will apply strong software engineering fundamentals to build production-grade systems that raise the security bar across Ubers mobile and web applications. This role offers the opportunity to collaborate closely with engineers across the company, mentor junior team members, make a measurable impact on Ubers security posture, and continue growing both your software engineering and security expertise.

What the Candidate Will Do

• Design, build, and deploy large-scale automation to discover, analyze, and remediate security vulnerabilities across thousands of services. • Design end-to-end systems and features for application security platforms, including secret discovery, code scanning, and vulnerability remediation. • Identify security-sensitive functionality and coverage gaps across applications and services and develop automation to close those gaps. • Research novel attack techniques and security weaknesses and automate their detection using innovative tools and approaches. • Build distributed backend systems that power real-time analytics and data-driven security insights at Uber scale. • Collaborate closely with engineering teams and stakeholders across Security, Privacy, Compliance, and Infrastructure to integrate security capabilities into Ubers platform. • Provide guidance to application and service owners to remediate identified security issues. • Perform threat modeling, design reviews, and code reviews to assess security risks in new and existing systems. • Mentor junior and new graduate engineers.

Basic Qualifications

1. Bachelors degree in Computer Science, Engineering, or a related field.
2. 5 years of professional experience in software engineering.
3. Strong programming experience in one or more languages, such as Go, Java, C, or Python, with Go preferred.
4. Experience identifying and remediating common security vulnerabilities, e.g., OWASP Top 10.
5. Solid understanding of service-oriented and distributed system architectures.
6. Experience designing and implementing REST APIs.
7. Experience with datastore technologies, including relational and NoSQL databases.
8. Familiarity with distributed messaging systems, e.g., Kafka or similar.

Preferred Qualifications

1. Masters degree or Ph.D. in Computer Science, Engineering, or a related field.
2. Experience designing, implementing, and operating production-quality distributed systems.
3. Experience building real-time data pipelines and analytics systems.
4. Experience integrating open-source security scanners and/or commercial security tools.
5. Expertise across multiple security domains, such as application, cloud, or systems security.
6. Experience performing threat modeling, design reviews, and code reviews.
7. Strong communication skills with the ability to clearly articulate technical concepts to diverse audiences.

Seattle, WA-based roles:

The base salary range for this role is USD $202,000 per year - USD $224,000 per year. You will be eligible to participate in Ubers bonus program and may be offered an equity award and other types of compensation. You will also be eligible for various benefits. More details can be found at the following link: https://www.uber.com/careers/benefitshttps://www.uber.com/careers/benefits.

Ubers mission is to reimagine the way the world moves for the better. Our bold ideas create real-world impact, challenges drive growth, and speed fuels progress. What moves us moves the world - lets move it forward together.

Uber is proud to be an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law. We also consider qualified applicants regardless of criminal histories consistent with legal requirements. If you have a disability or special need that requires accommodation, please let us know by completing this form: https://forms.gle/DWTk9k6xtMU25Y5A.

Offices continue to be central to collaboration and Ubers cultural identity. Unless formally approved to work fully remotely, Uber expects employees to spend at least half of their work time in their assigned office. For certain roles, such as those based at green-light hubs, employees are expected to be in-office for 100% of their time. Please speak with your recruiter to better understand in-office expectations for this role.