Sr. Security Engineer - Bug Bounty

| Dallas-Fort Worth, TX
Sorry, this job was removed at 1:56 p.m. (CST) on Saturday, September 25, 2021
Find out who's hiring in Dallas, TX.
See all Cybersecurity + IT jobs in Dallas, TX
Apply
By clicking Apply Now you agree to share your profile information with the hiring company.

About the Role
We are seeking a hardworking Sr. Security Engineer to join our Bug Bounty team.
In this role, you will build relationships with the security research community through daily interactions, virtual promo bug bounty events and live hacking events. In addition, you will be verifying bug bounty reports, performing root cause analysis, and assessing their impact while partnering with engineering teams across the company to track vulns through remediation.
In addition, you will be building out services to automate common bug bounty processes, as well as designing, implementing and deploying automation to scale Bug Bounty operations across a growing list of M&As spread all over the world.
The ideal candidate will have a solid background in Computer Science or Security and be able to work effectively with external and internal partners in a collaborative and fast paced environment.
What You'll Do
• Validate and triage bug bounty reports.• Perform threat modeling and code reviews to assess the security implications of patches, new features, systems and technologies.• Create 1-click POCs for common security vulnerabilities.• Design, implement and deploy automation to solve common bug bounty tasks.• Scale & expand our regression testing platform.• Design, implement and deploy automation to scale vuln variant discovery.• Identify novel attacks and security weaknesses in company owned apps and services; Automate their discovery using state-of-the-art control-flow and data-flow analysis techniques, methods and tools.• Provide security guidance to application and service owners to remediate security vulnerabilities.• Mentor junior security engineers
Basic Qualifications:
• Bachelor's in Computer Science or a related field.• Expertise in at least one security domain (e.g., web security, mobile security, authentication/authorization, etc.)• Expertise finding and fixing common security vulnerabilities (e.g., OWASP Top 10)• Programming skills in at least one of: Go, Java, Python, NodeJS, etc.
Preferred Qualifications:
• Master's in Computer Science or a related field.• Prior bug bounty, appsec or vuln management experience.• Expertise in multiple security domains or crypto systems.• Experience designing, implementing and deploying large distributed systems• Ability to work with and get consensus from cross-functional teams.• Organized, self-motivated, and comfortable in a fast-paced environment.• Ability to motivate internal teams to prioritize security vulnerabilities in addition to OKR work.• Ability to see the big picture, build out concise, comprehensive, yet realistic project plans.
About the Team
We are a team of software engineers with security mindsets. We lead the principled vulnerability discovery initiative at Uber. We ensure that all code at Uber adheres to company-wide security standards and is devoid of known security vulnerabilities.
To that end, we design, develop and deploy automation to detect, track and remediate vulnerabilities in thousands of web services, tens of thousands of client endpoints and mobile devices, and hundreds of thousands of prod & CORP infrastructure assets.
In addition, we crowdsource security intelligence via our Bug Bounty program, red team exercises, as well as manual and automated security audits.
Finally, we use research-quality CFG and DFG principles to codify the latest security breakthroughs into custom queries. We then deploy those queries across our fleet of advanced security scanners. As a result, we create efficiency and deliver results at the speed of automation.
At Uber, we ignite opportunity by setting the world in motion. We take on big problems to help drivers, riders, delivery partners, and eaters get moving in more than 10,000 cities around the world.
We welcome people from all backgrounds who seek the opportunity to help build a future where everyone and everything can move independently. If you have the curiosity, passion, and collaborative spirit, work with us, and let's move the world forward, together.
Uber is proud to be an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you have a disability or special need that requires accommodation, please let us know by completing this form.

More Information on Uber
Uber operates in the 3PL: Third Party Logistics industry. The company is located in San Francisco, CA, New York City, NY, Chicago, IL and Seattle, WA. Uber was founded in 2009. It has 21000 total employees. It offers perks and benefits such as Volunteer in local community, Partners with nonprofits, Friends outside of work, Eat lunch together, Intracompany committees and OKR operational model. To see all 79 open jobs at Uber, click here.
Read Full Job Description
Apply Now
By clicking Apply Now you agree to share your profile information with the hiring company.

Similar Jobs

Apply Now
By clicking Apply Now you agree to share your profile information with the hiring company.
Learn more about UberFind similar jobs