Sr. Security Engineer - Vulnerability Management

| New York City, NY
Sorry, this job was removed at 8:08 p.m. (CST) on Saturday, June 11, 2022
Find out who's hiring in New York City, NY.
See all Cybersecurity + IT jobs in New York City, NY
Apply
By clicking Apply Now you agree to share your profile information with the hiring company.

About the Role
We are seeking a hardworking Sr. Security Engineer to join our Vulnerability Discovery team. The new member of our team will focus on building out and scaling our asset inventory platform, as well as scaling our CORP and Infrastructure-wide security scanning capabilities. In addition, the nUber will work closely with our M&As in an effort to scale their Vulnerability Management function, close any remaining gaps, and improve patch health visibility into M&As' endpoints, mobile, prod, COPR and cloud infrastructure. You can expect to spend 50%+ of your time implementing new security tools, improving existing ones, as well as building out and deploying new security integrations. The nUber will also lead medium- to large-scale security projects, be responsible for creating long-term project roadmaps, prioritizing project objectives, as well as executing on those objectives and roadmaps in well-defined timelines.
What You'll Do
* Design, build and deploy automation to scale infrastructure vulnerability discovery efforts across a growing list of M&As.
* Work closely with M&As around the world to set up and scale their Vulnerability Management function.
* Build out and scale our asset inventory platform.
* Drive vuln remediation across prod, CORP, cloud, endpoint and mobile assets.
* Provide actionable security guidance to asset owners in an effort to speed up vuln remediation.
* Mentor junior security engineers
Basic Qualifications:
* Bachelor's in Computer Science or a related field or equivalent industry experience
* Experience in at least one security domain (e.g., infrastructure security, web security, etc.)
* Expertise in at least one of: Go, Java, Python, NodeJS, etc.
Preferred Qualifications:
* Experience designing, implementing and deploying large distributed systems
* Prior vulnerability management experience
* Expertise in multiple security domains
* Ability to see the big picture, build out concise, comprehensive, yet realistic project plans
* Ability to communicate ideas and proposals concisely
* Proven track record demonstrating impact across several teams, organizations and/or security areas
About the Team
We are a team of software engineers with security mindsets. We lead the principled vulnerability discovery initiative at Uber. We ensure that all code at Uber adheres to company-wide security standards and is devoid of known security vulnerabilities.
To that end, we design, develop and deploy automation to detect, track and remediate vulnerabilities in over 5,000 web services, endpoints, mobile devices, prod & CORP infrastructure.
In addition, we crowdsource security intelligence via our Bug Bounty program, red team exercises, as well as manual and automated security audits.
Finally, we use research-quality CFG and DFG principles to codify the latest security breakthroughs into custom queries, which we then deploy across our fleet of advanced security scanners. As a result, we expand the return on investment of our manual labor.

More Information on Uber
Uber operates in the 3PL: Third Party Logistics industry. The company is located in San Francisco, CA, New York City, NY, Chicago, IL and Seattle, WA. Uber was founded in 2009. It has 21000 total employees. It offers perks and benefits such as Volunteer in local community, Partners with nonprofits, Friends outside of work, Eat lunch together, Intracompany committees and OKR operational model. To see all 76 open jobs at Uber, click here.
Read Full Job Description
Apply Now
By clicking Apply Now you agree to share your profile information with the hiring company.

Similar Jobs

Apply Now
By clicking Apply Now you agree to share your profile information with the hiring company.
Learn more about UberFind similar jobs