Sr Product Security Engineer
We're changing the way people think about transportation. Not that long ago we were just an app to request premium black cars in a few metropolitan areas. Now we're a part of the logistical fabric of more than 500 cities around the world. Whether it's a ride, a sandwich, or a package, we use technology to give people what they want, when they want it.
For the women and men who drive with Uber, our app represents a flexible new way to earn money. For cities, we help strengthen local economies, improve access to transportation, and make streets safer.
And that's just what we're doing today. We're thinking about the future, too. With teams working on autonomous trucking and self-driving cars, we're in for the long haul. We're reimagining how people and things move from one place to the next.
About the job
Uber's Security team works to ensure the security of all code, systems and data used by our riders, drivers and partners. Product Security is responsible for working with engineers to design, build, advise and review security concerns across a diverse variety of projects.
You will be relied upon to provide engineering and product teams with the security expertise necessary to make confident product decisions. You will be finding security vulnerabilities through manual review, tools you build or one on ones with other engineers. You will write code to systemically fix security issues across the codebase. You will advise teams on the best way to build something to prevent future security issues.
What you'll do
- Investigate and understand our newest projects and technologies and give security guidance to ensure that they are as robust as possible.
- Perform code and design reviews of internally developed applications.
- Develop security tools to find or fix security issues en masse.
- Create automated tests to encourage and enforce security standards.
- Develop security training and education for our software engineers.
- Ensure that identified issues are prioritized and addressed in an appropriate time frame.
- Interact directly with the security community regarding vulnerabilities and threats
What you'll need
- Understanding of Python, Node.js, Go.
- A passion for both breaking and building.
- Excellent knowledge of web application security issues.
- Willingness to compromise when it's necessary and hold firm when it's essential.
- A deep desire to build robust things (But also break them!)
- An interest in teaching security since we're all in this together.
- Excellent communication skills.
Back to top