Security Analyst - CyberSecurity Incident Response

About the Role The CyberSecurity Incident Response team (CIRT) is at the forefront of protecting Uber, our customers, and our partners from evolving security threats. We are a hands-on, fast-paced team that responds to security incidents, conducts forensic investigations, and builds automated solutions to scale our defence. As a Security Analyst on the CIRT team, you will be a key player in our incident response efforts. This is a technical and investigative role where you'll be responsible for: • Responding to security incidents and mitigating threats across the company. • Conducting in-depth investigations and digital forensics to uncover the root cause of attacks. • Developing and implementing automation solutions using tools like SIEM and SOAR to improve our response capabilities. • Collaborating with other security and engineering teams to address vulnerabilities and strengthen our security posture. • Communicating your findings clearly and concisely to help shape our long-term security strategy. We are looking for someone who is passionate about solving complex security puzzles and is eager to build innovative solutions to protect a global platform. What the Candidate Will Need / Bonus Points- What the Candidate Will Do - • Incident Response: Act as a first responder to security alerts, triaging and containing threats across the Uber platform. • Forensic Analysis: Investigate security incidents by analyzing logs, network traffic, and host data to determine the root cause, scope, and impact. • Automation: Develop and deploy scripts and playbooks to automate incident response workflows and improve team efficiency. • Threat Hunting: Proactively search for emerging threats and vulnerabilities using threat intelligence to mitigate risks before they can be exploited. • Collaboration: Partner with other teams to share threat intelligence, recommend security improvements, and communicate incident findings. - Basic Qualifications - • Bachelor's degree in Computer Science, Information Security, or a related field.. • 3+ years of professional experience in a security-focused role, such as Incident Response, Security Operations, or Digital Forensics. • Proven experience with incident response and handling in a professional environment. • Familiarity with common security tools and technologies (e.g., SIEM, EDR, network monitoring). • Experience in a scripting language (e.g., Python, Bash) for task automation and data analysis. • Strong problem-solving skills and the ability to work effectively under pressure. • Excellent written and verbal communication skills. - Preferred Qualifications - • Experience in a large-scale, enterprise environment, particularly within the technology sectors. • Hands-on experience across multiple domains such as network, hosts, applications, data, cloud security etc. • Strong understanding of network protocols, TCP/IP, and firewall concepts. • Knowledge of scripting and development in languages likePythonorGo. • Experience with ML and GenAI security concepts is a plus. For San Francisco, CA-based roles: The base salary range for this role is USD$152,000 per year - USD$169,000 per year. For Seattle, WA-based roles: The base salary range for this role is USD$152,000 per year - USD$169,000 per year. For Sunnyvale, CA-based roles: The base salary range for this role is USD$152,000 per year - USD$169,000 per year. For all US locations, you will be eligible to participate in Uber's bonus program, and may be offered an equity award & other types of comp. You will also be eligible for various benefits. More details can be found at the following link https://www.uber.com/careers/benefits.