Senior Software Security Engineer

You will apply strong software engineering fundamentals to build production-grade systems that raise the security bar across Uber's mobile and web applications. This role offers the opportunity to collaborate closely with engineers across the company, mentor junior team members, make a measurable impact on Uber's security posture, and continue growing both your software engineering and security expertise.

• What the Candidate Will Do ----
• Design, build, and deploy large-scale automation to discover, analyze, and remediate security vulnerabilities across thousands of services.
• Design end-to-end systems and features for application security platforms, including secret discovery, code scanning, and vulnerability remediation.
• Identify security-sensitive functionality and coverage gaps across applications and services, and develop automation to close those gaps.
• Research novel attack techniques and security weaknesses, and automate their detection using innovative tools and approaches.
• Build distributed backend systems that power real-time analytics and data-driven security insights at Uber scale.
• Collaborate closely with engineering teams and stakeholders across Security, Privacy, Compliance, Infrastructure, and Product to integrate security capabilities into Uber's platform.
• Provide guidance to application and service owners to remediate identified security issues.
• Perform threat modeling, design reviews, and code reviews to assess security risks in new and existing systems.
• Mentor junior and new graduate engineers.

• Bachelor's degree in Computer Science, Engineering, or a related field.
• 5+ years of professional experience in software engineering.
• Strong programming experience in one or more languages such as Go, Java, C, or Python (Go preferred).
• Experience identifying and remediating common security vulnerabilities (e.g., OWASP Top 10).
• Solid understanding of service-oriented and distributed system architectures.
• Experience designing and implementing REST APIs.
• Experience with datastore technologies, including relational and NoSQL databases.
• Familiarity with distributed messaging systems (e.g., Kafka or similar).
• Preferred Qualifications ----
• Master's degree (or Ph.D.) in Computer Science, Engineering, or a related field.
• Experience designing, implementing, and operating production-quality distributed systems.
• Experience building real-time data pipelines and analytics systems.
• Experience integrating open-source security scanners and/or commercial security tools.
• Expertise across multiple security domains, such as application, cloud, or systems security.
• Experience performing threat modeling, design reviews, and code reviews.
• Strong communication skills, with the ability to clearly articulate technical concepts to diverse audiences.

For New York, NY-based roles: The base salary range for this role is USD$202,000 per year - USD$224,000 per year. For San Francisco, CA-based roles: The base salary range for this role is USD$202,000 per year - USD$224,000 per year. For Seattle, WA-based roles: The base salary range for this role is USD$202,000 per year - USD$224,000 per year. For Sunnyvale, CA-based roles: The base salary range for this role is USD$202,000 per year - USD$224,000 per year. For all US locations, you will be eligible to participate in Uber's bonus program, and may be offered an equity award & other types of comp. All full-time employees are eligible to participate in a 401(k) plan. You will also be eligible for various benefits. More details can be found at the following link https://jobs.uber.com/en/benefits.