Cloud Security Engineer Uber
Seattle, WA

Job Description

Uber Overview

At Uber, we ignite opportunity by setting the world in motion. We take on big problems to help drivers, riders, delivery partners, and eaters get moving in more than 600 cities around the world.

We welcome people from all backgrounds who seek the opportunity to help build a future where everyone and everything can move independently. If you have the curiosity, passion, and collaborative spirit, work with us, and let's move the world forward, together.

Job Description

About the Role

We are seeking a talented Security Engineer to join our team in Seattle. This innovator will tackle producing an autonomous policy driven security strategy to harden our cloud infrastructure.

What You'll Do / What You'll Need / Bonus Points / About the Team

Our mission

Enabling Uber users and services to leverage the cloud with confidence for their business needs in the most productive, secure, and efficient way possible.

Who are we?

Our team is helping partner teams to leverage cloud resources in the most efficient, compliant and secure way possible. We are providing the following:

* Architecture reviews of products and services which are using cloud resources or integrating with cloud services
* Provisioning and support of cloud user- and service accounts through our service desk
* Monitoring of accounts and resources in the cloud; identification and remediation of non-compliant configurations
* Definition and implementation of security policies related to access of cloud resources

What You'll Do

* Build, maintain and manage a central security policy for our cloud infrastructure
* Build a continuous audit solution to validate systems against policy
* Continuously scan and respond to policy violations

Who You Are

You immerse yourself in all aspects of security. You are a subject matter expert, who brings organization to everything they do and is excited about bringing the world's best minds together to solve crazy hard problems.

What You'll Need

* Experience with administration of cloud data storage and -computing solutions (Google Cloud Platform (preferred) or AWS/Azure)
* Clear understanding of cloud computing services/deployment architecture
* Are comfortable generating automated metrics to measure service and program effectiveness and consistency
* Experience working with cloud security and governance tools, cloud access security brokers (CASBs), and server virtualization technologies
* Experience performing threat modeling and design reviews to assess security implications and requirements for introduction of new technologies.
* Ability to communicate ideas and proposals concisely, both verbally and written, to senior staff members
* Source Control Expertise across Organizations (Git)
* Container experience (Docker)
* CI/CD Pipeline experience
* Programmatic Integration with Ticketing and Asset Management systems
* Experience with software vulnerabilities, how CVEs are reported, and how they relate to specific system packages and remediations
* Programming skills (Python, Go)
* Hands-on security experience, with in-depth knowledge of security, scaling in the cloud, and software engineering practices
* A solid understanding of information security standards & methodologies
* Ability to distill complex security problems and drive toward creative solutions
* Strong organizational and relationship skills

Bonus Points if you have

* Cloud Security and Architecture related certifications (Google Cloud Platform Professional Cloud Architect/Developer, Amazon AWS Certified Solutions Architect - Professional, Amazon AWS Certified DevOps Engineer - Professional)
* Familiarity with PCI, SOC2, SOX, and ISO standards
* Agile/SCRUM experience
* CISSP Certification
* Web server/client architecture and implementation experience (OpenAPI/Swagger, agent deployment)
* Experience in operation and configuration of both Windows and Linux systems
* Container orchestration experience (e.g. Mesos)
* Experience with nosql databases (e.g. Cassandra)