Security Technologist

**About the Role**:
**What You Will Do**:
- Conduct network infrastructure, Public Cloud (AWS and GCP), and data-layer offensive pen-testing
- Perform manual source code reviews and audits (manual and SCA/SAST code audits) as needed
**Basic Qualifications**:
- A pen-test certification such as Offensive Security Certified Professional (OSCP) or CEH, OSWE, OSCE, GPEN, GMOB, GWAPT, GXPN, and/or willing to work towards ultimately acquiring one as part of your career path
- 2+ years of relevant engineering or security assessment experience
- Possess a broad knowledge of attack vectors, exploits and mitigations that work at scale or may be linked together for chained attacks
- Experience with assessing with Cloud-native services, service meshes, and Kubernetes-platform based microservices
- Be able to think both offensively (like a hacker) and defensively (evaluating product security and design)
- Ability to create written work product, detailed technical findings documents, and pen-test reports
**Preferred Qualifications**:
- You have great interpersonal skills, deep technical ability, and a history of successful execution in the assessments industry. If you enjoy discussing anything from procedural linking tables in kernels to remote code execution in JVMs, then we want you on the team.
- B.S. in Computer Science, Electrical, or Computer Engineering, or equivalent work experience as a software engineering or security practitioner
- Experience with Java, Go, Python or Node.js (bonus points for more than one)
- Familiarity with industry-standard threat modeling, risk modeling and vulnerability classification
- Experience with pre-assessment architectural and API analysis to scope and prepare white-box and grey-box assessments
- Experience working with in-house engineering organizations, S-SDLC/CICD software lifecycle and QA processes
Please refer to this role on our careers page for more details on your total compensation and benefits package. You can get there by clicking 'apply' if you're not already on our careers site.
At Uber, we ignite opportunity by setting the world in motion. We take on big problems to help drivers, riders, delivery partners, and eaters get moving in more than 10,000 cities around the world.
We welcome people from all backgrounds who seek the opportunity to help build a future where everyone and everything can move independently. If you have the curiosity, passion, and collaborative spirit, work with us, and let's move the world forward together.
Uber is proud to be an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you have a disability or special need that requires accommodation, please let us know by completing this form.
LI-Remote
Uber is proud to be an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you have a disability or special need that requires accommodation, please let us know by completing this form.
Offices continue to be central to collaboration and Uber's cultural identity. Unless formally approved to work fully remotely, Uber expects employees to spend at least half of their work time in their assigned office. For certain roles, such as those based at green-light hubs, employees are expected to be in-office for 100% of their time. Please speak with your recruiter to better understand in-office expectations for this role.

---