About the Role
---- What the Candidate Will Do ----
- Organize and coordinate Uber’s quarterly and yearly compliance obligations to General Services Administration (GSA) (e.g. updating POA&Ms, reviewing updates to the System Security Plan (SSP), etc.)
- Assist with planning, execution and documentation of audits primarily in areas associated with technology and technology-related risks (e.g. cybersecurity)
- Act as a liaison between Auditors and Engineering/IT by coordinating requests for information and coordinating responses to any observations.
- Manage Uber’s unified controls framework. Map risks to policies and controls. Update controls to reflect current processes.
---- Basic Qualifications ----
- 3+ years of experience working in the Cybersecurity Governance Risk and Compliance (GRC) domain
- 2+ years experience in Cybersecurity audits (e.g. ISO 27001, SOC 2, SOX ITGC, PCI DSS)
- Familiar with security-related industry standard frameworks (ISO, SOC 2, PCI, etc.).
- Good project management skills: organized, with good time management
- Experience working with auditors/compliance audits
- Great communication skills
---- Preferred Qualifications ----
- Experience working on FedRAMP, NIST-171 or other federal security standards or frameworks
- Experience in Vulnerability management and/or other Cybersecurity domains
- Security certifications such as CISSP, CISA, ISO 27001 Lead Implementer etc.
For Seattle, WA-based roles: The base salary range for this role is USD$146,000 per year - USD$162,000 per year.
You will be eligible to participate in Uber's bonus program, and may be offered an equity award & other types of comp. You will also be eligible for various benefits. More details can be found at the following link.