About the role and team
Sec Eng at Uber means building for real-world impact under real-world constraints. The Identity and Access Management ( IAM) team is currently driving a high-stakes transformation of our governance systems and microservices, moving away from legacy polished pictures toward adaptive, AI-driven security models. You will design and build the extensible features, APIs, and workflows that manage authentication and authorization for Uber’s global internal workforce and services.
We are looking for a Security Engineer who stays calm under pressure and possesses the grit to own a project from the first design doc to debugging production issues at scale. If you are energized by the challenge of bridging digital security with real-world movement and want to lead the adoption of industry-leading trends like RAG and MCP in the identity space, this is where you will grow.
What you’ll do
- Design, build, and maintain centralized access management systems and risk models where performance, security, and scale are inseparable.
- Solve messy, high-impact identity problems (such as birthright provisioning and access certifications) often without a clear starting point.
- Own your work end-to-end, from writing high-quality engineering design documents to managing critical platform changes using Terraform and standard build code.
- Champion software engineering best practices like code health, testing, and design clarity even when project stakes and pressure are high.
- Collaborate across disciplines to integrate SSO applications and middleware technologies while acting as the technical voice of the identity team.
- Navigate technical debt and legacy complexity within LDAP, MFA, and distributed database systems to unblock developer productivity.
Basic Qualifications
- Senior/Staff seniority in the development, design, and consulting of SailPoint IIQ or similar IGA and authentication platforms.
- Experience building and documenting high-quality code for complex software systems scaling to millions of users.
- Proficiency with large-scale distributed storage and SQL database systems such as MySQL.
- Strong understanding of Role-Based Access Control (RBAC), Policy-Based Access Control (PBAC), and Attribute-Based Access Control (ABAC).
- Education requirement: Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent experience).
Preferred Qualifications
- Working experience in DevOps, Linux, Puppet, and infrastructure automation to improve system reliability.
- Experience leveraging AI/ML, prompt engineering, or MCP to build innovative identity solutions or resolve operational bottlenecks.
- Technical certifications in SailPoint, Google Cloud, or Microsoft security architectures.
- Demonstrated ability to use CSS and JavaScript to build or customize complex front-end interfaces for security tools.
- Experience using developer productivity tools like Cursor or GitHub Copilot to optimize the software development lifecycle.
Uber's mission is to reimagine the way the world moves for the better. Here, bold ideas create real-world impact, challenges drive growth, and speed fuelds progress. What moves us, moves the world - let’s move it forward, together.
Offices continue to be central to collaboration and Uber's cultural identity. Unless formally approved to work fully remotely, Uber expects employees to spend at least half of their work time in their assigned office. For certain roles, such as those based at green-light hubs, employees are expected to be in-office for 100% of their time. Please speak with your recruiter to better understand in-office expectations for this role.
*Accommodations may be available based on religious and/or medical conditions, or as required by applicable law. To request an accommodation, please reach out to accommodations@uber.com.