About the Role
The CyberSecurity Incident Response team (CIRT) is at the forefront of protecting Uber, our customers, and our partners from evolving security threats. We are a hands-on, fast-paced team that responds to security incidents, conducts forensic investigations, and builds automated solutions to scale our defence.
As a Security Analyst on the CIRT team, you will be a key player in our incident response efforts. This is a technical and investigative role where you'll be responsible for:
-
Responding to security incidents and mitigating threats across the company.
-
Conducting in-depth investigations and digital forensics to uncover the root cause of attacks.
-
Developing and implementing automation solutions using tools like SIEM and SOAR to improve our response capabilities.
-
Collaborating with other security and engineering teams to address vulnerabilities and strengthen our security posture.
-
Communicating your findings clearly and concisely to help shape our long-term security strategy.
We are looking for someone who is passionate about solving complex security puzzles and is eager to build innovative solutions to protect a global platform.
What the Candidate Will Need / Bonus Points
- What the Candidate Will Do -
-
Incident Response: Act as a first responder to security alerts, triaging and containing threats across the Uber platform.
-
Forensic Analysis: Investigate security incidents by analyzing logs, network traffic, and host data to determine the root cause, scope, and impact.
-
Automation: Develop and deploy scripts and playbooks to automate incident response workflows and improve team efficiency.
-
Threat Hunting: Proactively search for emerging threats and vulnerabilities using threat intelligence to mitigate risks before they can be exploited.
-
Collaboration: Partner with other teams to share threat intelligence, recommend security improvements, and communicate incident findings.
- Basic Qualifications -
-
Bachelor's degree in Computer Science, Information Security, or a related field..
-
3+ years of professional experience in a security-focused role, such as Incident Response, Security Operations, or Digital Forensics.
-
Proven experience with incident response and handling in a professional environment.
-
Familiarity with common security tools and technologies (e.g., SIEM, EDR, network monitoring).
-
Experience in a scripting language (e.g., Python, Bash) for task automation and data analysis.
-
Strong problem-solving skills and the ability to work effectively under pressure.
-
Excellent written and verbal communication skills.
- Preferred Qualifications -
-
Experience in a large-scale, enterprise environment, particularly within the technology sectors.
-
Hands-on experience across multiple domains such as network, hosts, applications, data, cloud security etc.
-
Strong understanding of network protocols, TCP/IP, and firewall concepts.
-
Knowledge of scripting and development in languages like Python or Go.
-
Experience with ML and GenAI security concepts is a plus.
For San Francisco, CA-based roles: The base salary range for this role is USD$152,000 per year - USD$169,000 per year. For Seattle, WA-based roles: The base salary range for this role is USD$152,000 per year - USD$169,000 per year. For Sunnyvale, CA-based roles: The base salary range for this role is USD$152,000 per year - USD$169,000 per year. For all US locations, you will be eligible to participate in Uber's bonus program, and may be offered an equity award & other types of comp. You will also be eligible for various benefits. More details can be found at the following link https://www.uber.com/careers/benefits.