About the job
Uber's Security team works to ensure the security of all private, personal, location, and payment information for our full set of users: riders, drivers, partners, 3rd parties, and corporations. Our ultimate goal is to ensure that every single experience with Uber is simple, secure, trusted, and safe. The scope, number of verticals, and global reach (72+ countries, 650+ cities) - on top of very dynamic transactions, data, and analytics - keeps it that much more interesting!
We are seeking a talented and senior technical program manager to join our strong TPM team with ownership of key Security, Access and Privacy efforts in San Francisco. You will embed with Uber's infrastructure team and work closely with the CISO's EngSec team and the privacy legal team. You will drive a world class privacy and access program, owning the strategy and execution of multiple business-critical security and privacy initiatives.
Who you are
You are a program builder and owner who immerses themselves in all aspects of security with a particular passion for privacy and access. You are looking for an opportunity that will try your technical skills and challenge your creativity. You can bridge the gap between business needs and technical implementations, and are ready to face a wide range of security questions and challenge the status quo when you see things that can be done better. You are a subject matter expert in the security and privacy domain and push innovative ideas that solve technical and organizational challenges at a global scale. You have knowledge of open source technologies and tools that can be used to support controls in Uber's microservice architecture. You have strong understanding of DevOps and infrastructure automation techniques, tools and technologies.
What you'll do
- Drive the adoption of security frameworks, practices and mindset at every layer of the stack
- Map critical business priorities to dependencies and align cross-functional roadmaps
- Earn the respect of world class engineers and serve as a collaborative partner
- Foster innovative solutions to security, engineering, and infrastructure challenges
- Continuously improve and champion Uber's access and privacy policies
- Streamline process and communication between the security and engineering organizations
- Advise on control requirements, identify gaps, and oversee remediation efforts by partnering with control owners and engineers on design and implementation
- Organize and improve communications and processes to better support a reliable control environment.
What you'll need
- At least 5 years of Technical Program Management experience in the security domain
- Technical degree and years of software development and/or infrastructure exposure in a large, distributed environment
- Domain expertise with authentication, authorization, and directory services
- Solid understanding or large scale infrastructure and software engineering concepts
- Good judgement on when to "solve for yes" and when to push back with a "no"
- Strong communication skills and adaptable work style
Bonus points if you have
- Experience with large scale migrations and software deployments in a rapidly changing, multi-language microservices environment
- Background as a software engineering, infrastructure / cloud engineering, technical lead, and/or engineering manager
- Entrepreneurial aptitude and/or experience
- Experience implementing controls to meet some or all of the following frameworks and standards: SOX, SOC 2, ISO 27001/2, NIST, PCI DSS, CIS Top 20, HIPAA, etc.
- Experience developing/supporting automated approaches to operate and test controls in a microservice/DevOps environment
About the Team
The Uber Technical Program Management (TPM) team plays a critical role executing high-impact company-wide initiatives and continuously improving process to increase the effectiveness of our product and engineering organizations.