Uber Sr Security Engineer Red Team 

United States, West Virginia 

646570291

• Red Team Operations: Emulate advanced threat actors by planning, executing, and analyzing complex attack scenarios. Help develop and refine tactics, techniques, and procedures (TTPs) used by adversaries.
• Purple Team Operations: Partner with the Blue team to improve detection and response capabilities.
• Penetration Testing: Conduct penetration testing and vulnerability assessments on Uber's systems, networks, and applications to identify security weaknesses and provide recommendations for remediation.
• Security Research: Stay up-to-date with the latest security threats, vulnerabilities, and attack techniques. Research and experiment with new tools and methodologies to improve the Red Team's capabilities.
• Security Tooling: Develop and maintain custom security tools and scripts to aid in the automation and execution of security assessments and red teaming activities.
• Reporting: Create detailed reports and documentation of findings, risks, and recommendations for technical and non-technical teams. Communicate findings effectively and propose actionable solutions.
• Cross-Functional Collaboration: Work closely with other security teams, engineering teams, and product teams to provide security guidance, share insights, and drive security improvements across Uber

• Bachelor's/Master's degree or equivalent experience in Computer Science, Information Security, or a related field.
• At least 5 years of experience in offensive security roles, such as penetration testing, red teaming, or ethical hacking.
• Proficiency in scripting and programming languages (e.g. Python, Go) for tool development and automation.
• Strong understanding of operating systems, network protocols, and web application security.
• Extensive experience with security assessment tools and frameworks (e.g. Bloodhound, Cobalt Strike, Sliver, Burp Suite, Nmap).
• Vast experience in performing code review to identify vulnerabilities.
• A passion for cybersecurity and a commitment to staying current with emerging threats and industry trends.

• Comprehensive experience with Linux, macOS and Windows internals.
• Strong understanding of EDR technologies and evasion techniques
• Extensive experience with Red Teaming in modern and complex tech stacks (e.g. containerized environments)
• Extensive experience building tools for Red Team activities (e.g. infrastructure deployment, C2 stagers)

For New York, NY-based roles: The base salary range for this role is USD$194,000 per year - USD$215,500 per year.

For San Francisco, CA-based roles: The base salary range for this role is USD$194,000 per year - USD$215,500 per year.

For Seattle, WA-based roles: The base salary range for this role is USD$194,000 per year - USD$215,500 per year.

For Sunnyvale, CA-based roles: The base salary range for this role is USD$194,000 per year - USD$215,500 per year.