Uber Sr Security Incident Commander 

United States, West Virginia 

423640561

About the Role

As a Sr Security Incident Commander, you will be leading incident response strategy and communication for critical-severity and large-scale incidents, and will be leading projects/initiatives to help mature the incident response program. Part Fire Captain, part Air Traffic Controller, and part NTSB investigator, you will be a master at controlling chaos, seeing through the fog and charting a path forward no matter how ambiguous the situation is. What you find and record during incidents will become the building blocks of an even more secure Uber.

What the Candidate Will Need / Bonus Points

• Join an on-call rotation to lead security incident response teams for highest criticality cyber security incidents for Uber and Uber’s subsidiaries.
• You’ll remain composed and effective under pressure, demonstrating the ability to navigate challenging situations without becoming flustered.
• Serve as point of contact throughout the incident lifecycle, interacting directly with executives.
• Partner and build relationships with the teams across multiple regions to drive response and investigations globally.
• Support and mentor analysts conducting investigations and other incident commanders leading incidents.
• Root cause all incidents you work to the deepest level possible and create actionable plans to ensure they do not happen again.
• Lead projects/initiatives to help mature the incident response program and reduce cybersecurity risk at Uber and Uber’s subsidiaries. These projects/initiatives include but are not limited to IR tabletop exercises, real-time incident simulations, threat hunting, and compromise assessments.

-----Basic Qualifications ----

• 5+ years of experience in blue team functions such as SOC, IR, detection at a global company.
• Experience driving complex and ambiguous security incidents through the entire response lifecycle.
• Strong working knowledge of common threat actor attack patterns and TTPs.
• Experience presenting incident strategy to an executive audience.
• Willingness and experience leading and mentoring others.
• Skills to read logs, comfortably work on the command line, and the aptitude to get hands on to solve technical challenges when necessary.
• Ability to juggle multiple priorities at once.

- - - - Preferred Qualifications ----

• Experience planning and running incident simulation programs such as tabletop exercises, purple teaming, etc.
• Strong sense of urgency and drive - a desire to always be moving forward and improving the craft of incident response
• Experience writing and managing automations.
• Experience in incident response at a large tech company.
• General understanding of broader cybersecurity domains such as infrastructure security, endpoint security, product security, data security, etc.

For San Francisco, CA-based roles: The base salary range for this role is USD$171,000 per year - USD$190,000 per year.

For Seattle, WA-based roles: The base salary range for this role is USD$171,000 per year - USD$190,000 per year.

For Sunnyvale, CA-based roles: The base salary range for this role is USD$171,000 per year - USD$190,000 per year.