About the Role
Uber Freight is looking for an Enterprise Security Engineer to join our Security team to help us deliver on several key initiatives for the company in the software and security engineering spaces. Through your work, you will dramatically improve our security posture through efforts in the following areas:
- Design, build and deploy automation to scale vulnerability discovery efforts
- Drive vulnerability remediation across prod, CORP, cloud, endpoint and mobile assets.
- Provide actionable security guidance to asset owners in an effort to speed up vulnerability remediation
- Endpoint hardening of Macs, PCs, Linux servers, Windows servers, network equipment, SaaS, etc.
- Compliance monitoring
- Device Attestation
- Email Security
- Data Loss Prevention
- Shadow IT identification and remediation
- Malware scanning and threat hunting
This is a unique opportunity for a hands-on security specialist to protect the vast footprint of Uber Freight endpoints and implement automation to improve response levels
What You Will Do
- Fine tuning and maintaining of all security tools
- Evaluating new security solutions to identify Security Gaps and assist in remediation efforts to increase Uber Freights security posture
- Develop and implement Security Orchestration Automation and Response (SOAR)
- Timely respond to security events, 0-day and outages
- Monitor adherence to standards and recommend improvements as needed
Basic Qualifications
- 5+ years of relevant security engineering experience
- Up to date with recent security attack vectors and latest security research
- Knowledge of EDR, Web application firewalls, and Email security including DMARC/DKIM/SPF
- Ability to operate independently, to learn new concepts and adapt to shifting priorities
- Excellent communication skills and ability to communicate with multiple teams at the same time, across different time zones
Preferred Qualifications
- BS. or above in Computer Science, Electrical, or Computer Engineering, or equivalent work experience as a security practitioner or a cloud architect
- Familiar with security standards such as NIST, CIS Benchmarks
- Industry recognized security certification (CISSP, CISA, CEH, etc.)
- Experience with Threat Based Defense
- Experience building countermeasures based on the kill chain or ATT&CK Framework
- Familiarity with operating system internals and hardening
- Experience developing, deploying, and configuring security services and tools
- Understanding of authentication, authorization, and directory services
About Uber Freight
Uber Freight is a logistics platform and partner with a mission to reimagine the way goods move to help communities thrive. Backed by innovative technology and a dedicated team of domain experts, we provide logistics solutions that give shippers and carriers of all sizes greater reliability, flexibility, and transparency so they can take control of their freight. With over $17 billion in FUM, we’ve built one of the world’s most comprehensive logistics networks consisting of over 130,000 digitally-enabled carriers and thousands of shippers, from small businesses to Fortune 500 companies. For more, visit uberfreight.com.
EEOC
Uber Freight is proud to be an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regards to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements.
#LI-MV1
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c)