About the Role
- - - - What the Candidate Will Do ----
- Lead the planning, scoping, execution and documentation for IAM controls
- Work with internal teams to address their IAM requirements using Uber's standard IAM Services/Framework
- Act as a liaison between Auditors and Engineering/IT by coordinating requests for information, evidences and coordinating responses to any observations.
- Research new security compliance requirements and assist in evaluating compliance control requirements.
- Support and monitor remediation efforts of audit findings and validate the closure by reviewing relevant evidence.
- Write detailed narrative, remediation plans, and other supporting documentation
- Provide actionable, technical advice to software engineers to enhance security control design & effectiveness (including for cloud environments)
- - - - Basic Qualifications ----
- Bachelor's in Computer Science or a related field or equivalent industry experience
- Understanding of authentication, authorization, and directory services
- Experience working closely with auditors and/or external regulators
- Deep understanding of security techniques, practices, and controls that can be applied to address risks.
- Experience operating as part of an Information security program in alignment with common information technology management frameworks such as ISO 27001, NIST, CIS, ITIL, COBIT, etc.
- Strong written and verbal communication skills
- Strong program management skills
- - - - Preferred Qualifications ----
- 5+ years in Identity and Access Management
- 4+ years of experience managing Information Security audits (e.g. SOX, SOC 2, ISO 27001, PCI DSS)
- Prior experience leading or managing security audits at a SaaS/Cloud company or as a Security Auditor at an audit firm
- Security certifications such as CISSP, CISA, CRISC, ISO 27001 Lead Auditor, etc.
- Experience with GRC tools (e.g. ServiceNow GRC, SAP GRC, Auditboard)
- Experience with SQL
- Experience with coding/scripting
* Accommodations may be available based on religious and/or medical conditions, or as required by applicable law. To request an accommodation, please reach out to .