About The Role

Uber's Engineering Security team works to ensure the security of information for our full set of users - riders, eaters, drivers and partners. Our ultimate goal is to ensure that every experience with Uber is simple, secure, and safe.

We seek a talented Security Analyst II to join our Core Security Engineering Team.

What The Candidate Will Need / Bonus Points

---- What the Candidate Will Do ----

• Manage the planning, scoping, execution and documentation for IAM controls
• Work with internal teams to address their IAM requirements using Uber's standard IAM Services/Framework
• Act as a liaison between Auditors and Engineering/IT by coordinating requests for information, evidence and coordinating responses to observations.
• Research new security compliance requirements and assist in evaluating compliance control requirements.
• Support and monitor remediation efforts of audit findings and validate the closure by reviewing relevant evidence.
• Write detailed narrative, remediation plans, and other supporting documentation
• Provide actionable, technical advice to software engineers to enhance security control design & effectiveness (including for cloud environments)
  
  

Basic Qualifications

• Bachelor's in Computer Science or a related field or equivalent industry experience
• Understanding of authentication, authorization, and directory services
• Experience working closely with auditors and/or external regulators
• Experience operating as part of a Information security program in alignment with common information technology management frameworks such as ISO 27001, NIST, CIS, ITIL, COBIT, etc.
• Strong written and verbal communication skills
• Strong program management skills
  
  

Preferred Qualifications

• 5+ years in Identity and Access Management
• 3+ years of experience managing Information Security audits (e.g. SOX, SOC 2, ISO 27001, PCI DSS)
• Deep understanding of security techniques, practices, and controls that can be applied to address risks.
• Prior experience leading or managing security audits at a SaaS/Cloud company or as a Security Auditor at an audit firm
• Security certifications such as CISSP, CISA, CRISC, ISO 27001 Lead Auditor, etc.
• Experience with GRC tools (e.g. ServiceNow GRC, SAP GRC, Auditboard)
• Experience with SQL
• Experience with coding/scripting
  
  

For Sunnyvale, CA-based roles: The base salary range for this role is USD$152,000 per year - USD$169,000 per year. You will be eligible to participate in Uber's bonus program, and may be offered an equity award & other types of comp. You will also be eligible for various benefits. More details can be found at the following link https://www.uber.com/careers/benefits.