At Uber, we ignite opportunity by setting the world in motion. We take on big problems to help drivers, riders, delivery partners, and eaters get moving in more than 600 cities around the world.
We welcome people from all backgrounds who seek the opportunity to help build a future where everyone and everything can move independently. If you have the curiosity, passion, and collaborative spirit, work with us, and let's move the world forward, together.
About the Role
As a Senior Program Manager in EngSec, you will lead security due diligence and post-close integration and migration for M&As and related transactions. You will lead security assessment and remediation efforts related to application security, network and infrastructure security, endpoint security, risk and compliance, and onboarding/ deprovisioning of bulk resources.
What You'll Do / What You'll Need / Bonus Points / About the Team
What You'll Do
* Build long-term relationships with the business development team to become a valued strategic partner. Influence a broad set of stakeholders to ensure Security is involved early on in M&As, divestitures, and restructuring.
* Develop integration strategies based on deal rationale, diligence findings, and input from stakeholders; continue to refine the plan as a deal progresses. Form secure integration strategies which provide a pragmatic roadmap for ensuring timely risk reduction for all M&A activities.
* Manage the full life cycle of day-to-day security integration activities including coordination of detailed functional plans, communication with key stakeholders, and issue resolution. Create awareness of cross functional interdependencies and establish prioritization for plan execution to minimize disruption on daily operations.
* Lead internal and/or third-party security assessment, architecture review, and penetration or other testing of the target organization and develop integration plans to include remediation of identified weaknesses and/or implementation of compensating controls.
* Standardize and improve existing due diligence and security integration methods with inputs from across Security in order to comprehensively assess the target organization's technical environment, security posture and capabilities, and inherit internal and third-party risks. Capture best practices and lessons learned throughout the due diligence period for continuous improvement for future acquisitions.
* Provide regular status reporting to senior leadership and key stakeholders on the overall status of due diligence and integration activities, including plan execution and risk identification, prioritization and triage.
What You'll Need
* 7+ years and B.S. degree or equivalent related work experience in security, software engineering, risk management, compliance, information systems or other relevant field.
* Relevant experience conducting security due diligence and leading through integrations (both IT and Security) at a tech organization.
* Deep knowledge of security practices and controls applied to pragmatically address security risks.
* Experience executing complex projects and delivering to time commitments with strong attention to detail.
* Excellent interpersonal skills and ability to establish trust with internal/external partners.
* Organized, self-driven, and comfortable handling high-profile and complex situations.
* Strong written and verbal communication skills.
Bonus Points If
* Previous experience with M&A and business development processes at large/complex technology companies.
* Successful track record as a security practitioner, including conducting diligence of M&A or other equivalent transactions that were critical to the growth of the organization.
* Comprehensive understanding of security domains, processes, risks and controls.
* Seasoned program leader who can execute by influencing and managing teams, both directly and indirectly, in a matrixed environment.
* Excellent communicator who is seen as a subject matter expert, and can influence at all levels of an organization.
* Experience in change management and contemporary approaches to navigate organizational and cultural change.
* Active in the security industry; equipped with external networking relationships to maintain relevant knowledge of best practices, tactics, strategies and technologies.
About the Team
Uber's security program managers enable operational excellence for Security's most challenging domains. PgMs help develop sustainable structures, processes and solutions for addressing security risk and managing implementation of complex requirements across a diverse business and technology landscape.
Perks & Benefits
* Employees are given Uber credits every month.
* 401(k) plan, gym reimbursement, ten paid company holidays.
* Full medical/dental/vision package to fit your needs.
* Unlimited vacation policy; work hard and take time when you need it.
Uber is an equal opportunity employer and enthusiastically encourages people from a wide variety of backgrounds and experiences to apply. Uber does not discriminate on the basis of race, color, religion, sex (including pregnancy), gender, national origin, citizenship, age, mental or physical disability, veteran status, marital status, sexual orientation or any other basis prohibited by law.
Uber is a provider of a mobile application connecting passengers with drivers for hire.