Sr. Security Investigator

Uber•San Francisco, CA

44d

About The Position

The CyberSecurity Incident Response team (CIRT) is at the forefront of protecting Uber. We are a hands-on, fast-paced team that responds to security incidents, conducts forensic investigations, and builds automated solutions to scale our defenses. As a Senior Security Investigator, your role is to lead complex, high-impact security investigations across a global, large-scale environment. This role is ideal for a seasoned security professional who excels at uncovering sophisticated threats, driving automation at scale, shaping investigative strategy, and mentoring teams to deliver world-class response. You will partner with Security Engineering, Detection & Response, Threat Intelligence, Legal, HR, and Executive Leadership to contain threats, protect user and corporate data, and elevate our overall security posture.

Requirements

Bachelor's degree in Computer Science, Information Security, or a related field..
5+ years of experience in Security Investigations, Incident Response, Threat Hunting, or Digital Forensics within large-scale or high-risk environments.
Proven expertise with forensic tooling, log analysis, SIEM platforms, EDR solutions, and cloud investigation workflows (AWS/GCP/Azure).
Strong understanding of attacker TTPs, modern threat landscape, and frameworks like MITRE ATT&CK.
Hands-on experience building automation using Python, APIs, SOAR, or equivalent frameworks.
Ability to lead complex investigations end-to-end and communicate findings effectively to senior leadership.
Experience running or contributing to large cross-company security projects.

Nice To Haves

Experience in a large-scale, global, distributed systems environments
Knowledge of identity ecosystems (Okta, Azure AD), container security, and SaaS platform logs.
Experience in a programming language (e.g., Python, Go, C++, Java, etc) for incident response related automation and data analysis.
Experience with GenAI in incident response and investigations is a plus.
Experience mentoring or leading security teams.

Responsibilities

Lead complex security investigations end-to-end and perform deep forensic analysis across endpoints, cloud environments, identity systems, networks, and application logs to uncover root cause and attack paths.
Own & Build automation and tooling to accelerate evidence collection, log enrichment, triage workflows, and decision-making at global scale.
Improve detection and response capabilities by partnering with Threat Intelligence, Detection Engineering, and Platform teams.
Lead major cross-functional security initiatives that strengthen investigative readiness, digital forensics, cloud incident response, and threat-hunting capabilities.
Mentor and develop investigators and analysts, providing technical guidance, reviewing casework, and elevating investigative rigor.
Continuously evolve investigation methodology by analyzing trends, identifying gaps, and embedding lessons learned back into the security ecosystem.

Benefits

you will be eligible to participate in Uber's bonus program, and may be offered an equity award & other types of comp.
You will also be eligible for various benefits. More details can be found at the following link [https://www.uber.com/careers/benefits]

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume