We use cookies to improve your experience on our site. To find out more, read our privacy policy.

NHS Human Services, Inc.

Mobile nhs-human-services Logo
Home View All Jobs (2,025,388)

Job Information

Uber Sr. Staff Software Engineer - Product Security in Seattle, Washington

About the Role

We are seeking a highly experienced Senior Staff Security Engineer specializing in Application Security, DevSecOps, and Mobile Security to lead security initiatives across our software development lifecycle. The candidate will be responsible for designing, implementing, and improving security best practices, tooling, and frameworks. The ideal candidate will provide industry leading approaches to raising the bar on the resiliency of our applications, CI/CD pipelines, and mobile platforms against threats. This role requires not just technical excellence but also a problem-solving mindset, the ability to think outside the box, and a passion for designing creative security solutions that scale.

Key Responsibilities

Application Security

Conduct in-depth secure code reviews, threat modeling, and security testing for services and applications.

Collaborate with development teams to integrate secure coding practices and security controls into the software development lifecycle (SDLC).

Influence peers and leaders across the company in improving their security posture.

Lead penetration testing efforts and work closely with engineers to remediate vulnerabilities.

Define and implement Runtime Application Self-Protection (RASP) and Web Application Firewall (WAF) strategies.

DevSecOps

Design and implement Security-as-Code practices within CI/CD pipelines using tools like SAST, DAST, SCA, and IaC scanning (e.g., SonarQube, Checkmarx, Snyk, OWASP ZAP).

Automate security assessments and vulnerability management across cloud-native applications and microservices architectures.

Strengthen secrets management and authentication by leveraging HSMs, Vaults, and secure tokenization (e.g., HashiCorp Vault, AWS Secrets Manager).

Enhance security logging and monitoring strategies using SIEM, SOAR, and anomaly detection tools.

Mobile Security

Define and enforce mobile security best practices for iOS and Android applications.

Conduct static and dynamic mobile application security testing (MAS/DAST) and assist teams in fixing vulnerabilities.

Implement secure mobile authentication mechanisms (e.g., biometric authentication, secure keychain, app attestation).

Develop security guidelines for third-party libraries, API security, and mobile data encryption strategies.

Minimum Qualifications

  • 10+ years of hands-on experience in Application Security & DevSecOps.

  • Strong proficiency in secure software development, threat modeling, and cryptography.

  • Hands-on experience with security tools like Burp Suite, OWASP ZAP, Snyk, SonarQube, Checkmarx, Veracode, or Fortify.

  • Expertise in CI/CD environments (GitHub Actions, GitLab CI/CD, Jenkins).

  • Experience with cloud security in AWS, GCP, or Azure.

  • Proficiency in at least one programming language, such as Python, Java, Go, Kotlin, Swift, or JavaScript.

Preferred Qualifications

  • Experience with container security (Kubernetes, Docker security best practices).

  • Knowledge of Zero Trust Architecture and API security (OAuth, JWT, mTLS, GraphQL security).

Uber is proud to be an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you have a disability or special need that requires accommodation, please let us know by completing this form .

Offices continue to be central to collaboration and Uber's cultural identity. Unless formally approved to work fully remotely, Uber expects employees to spend at least half of their work time in their assigned office. For certain roles, such as those based at green-light hubs, employees are expected to be in-office for 100% of their time. Please speak with your recruiter to better understand in-office expectations for this role.

For San Francisco, CA-based roles: The base salary range for this role is USD$257,000 per year - USD$285,500 per year. For Seattle, WA-based roles: The base salary range for this role is USD$257,000 per year - USD$285,500 per year. For Sunnyvale, CA-based roles: The base salary range for this role is USD$257,000 per year - USD$285,500 per year. For all US locations, you will be eligible to participate in Uber's bonus program, and may be offered an equity award & other types of comp. You will also be eligible for various benefits. More details can be found at the following link https://www.uber.com/careers/benefits.

Uber is proud to be an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you have a disability or special need that requires accommodation, please let us know by completing this form- https://docs.google.com/forms/d/e/1FAIpQLSdb_Y9Bv8-lWDMbpidF2GKXsxzNh11wUUVS7fM1znOfEJsVeA/viewform

DirectEmployers