Expoint - all jobs in one place

Uber Sr Staff Software Engineer - Product Security 
United States, West Virginia 
19793418

20.03.2025

Key Responsibilities

Conduct in-depth secure code reviews, threat modeling, and security testing for services and applications.

Lead penetration testing efforts and work closely with engineers to remediate vulnerabilities.

Define and implement Runtime Application Self-Protection (RASP) and Web Application Firewall (WAF) strategies.

Design and implement Security-as-Code practices within CI/CD pipelines using tools like SAST, DAST, SCA, and IaC scanning (e.g., SonarQube, Checkmarx, Snyk, OWASP ZAP).

Automate security assessments and vulnerability management across cloud-native applications and microservices architectures.

Strengthen secrets management and authentication by leveraging HSMs, Vaults, and secure tokenization (e.g., HashiCorp Vault, AWS Secrets Manager).

Enhance security logging and monitoring strategies using SIEM, SOAR, and anomaly detection tools.

Define and enforce mobile security best practices for iOS and Android applications.

Implement secure mobile authentication mechanisms (e.g., biometric authentication, secure keychain, app attestation).

Develop security guidelines for third-party libraries, API security, and mobile data encryption strategies.

Minimum Qualifications

  • 10+ years of hands-on experience in Application Security & DevSecOps.
  • Strong proficiency in secure software development, threat modeling, and cryptography.
  • Hands-on experience with security tools like Burp Suite, OWASP ZAP, Snyk, SonarQube, Checkmarx, Veracode, or Fortify.
  • Expertise in CI/CD environments (GitHub Actions, GitLab CI/CD, Jenkins).
  • Experience with cloud security in AWS, GCP, or Azure.
  • Proficiency in at least one programming language, such as Python, Java, Go, Kotlin, Swift, or JavaScript.

Preferred Qualifications

  • Experience with container security (Kubernetes, Docker security best practices).
  • Knowledge of Zero Trust Architecture and API security (OAuth, JWT, mTLS, GraphQL security).

For San Francisco, CA-based roles: The base salary range for this role is USD$257,000 per year - USD$285,500 per year.

For Seattle, WA-based roles: The base salary range for this role is USD$257,000 per year - USD$285,500 per year.

For Sunnyvale, CA-based roles: The base salary range for this role is USD$257,000 per year - USD$285,500 per year.