Senior Security Investigator

Sr. Technical Recruiter | ex-Amazon, Meta, VMware, Zillow

About the Role

The Cyber Security Incident Response team (CIRT) is at the forefront of protecting Uber. We are a hands‑on, fast‑paced team that responds to security incidents, conducts forensic investigations, and builds automated solutions to scale our defenses.

As a Senior Security Investigator your role is to lead complex, high‑impact security investigations across a global, large‑scale environment. This role is ideal for a seasoned security professional who excels at uncovering sophisticated threats, driving automation at scale, shaping investigative strategy, and mentoring teams to deliver world‑class response.

You will partner with Security Engineering, Detection & Response, Threat Intelligence, Legal, HR, and Executive Leadership to contain threats, protect user and corporate data, and elevate our overall security posture.

• Lead complex security investigations end‑to‑end and perform deep forensic analysis across endpoints, cloud environments, identity systems, networks, and application logs to uncover root cause and attack paths.
• Own & Build automation and tooling to accelerate evidence collection, log enrichment, triage workflows, and decision‑making at global scale.
• Improve detection and response capabilities by partnering with Threat Intelligence, Detection Engineering, and Platform teams.
• Lead major cross‑functional security initiatives that strengthen investigative readiness, digital forensics, cloud incident response, and threat‑hunting capabilities.
• Mentor and develop investigators and analysts
  , providing technical guidance, reviewing casework, and elevating investigative rigor.
• Continuously evolve investigation methodology by analyzing trends, identifying gaps, and embedding lessons learned back into the security ecosystem.

• Bachelor's degree in Computer Science, Information Security, or a related field.
• 5+ years of experience in Security Investigations, Incident Response, Threat Hunting, or Digital Forensics within large‑scale or high‑risk environments.
• Proven expertise with forensic tooling, log analysis, SIEM platforms, EDR solutions, and cloud investigation workflows (AWS/GCP/Azure).
• Strong understanding of attacker TTPs, modern threat landscape, and frameworks like MITRE ATT&CK.
• Hands‑on experience building automation using Python, APIs, SOAR, or equivalent frameworks.
• Ability to lead complex investigations end‑to‑end and communicate findings effectively to senior leadership.
• Experience running or contributing to large cross‑company security projects.

• Experience in a large‑scale, global, distributed systems environments.
• Knowledge of identity ecosystems (Okta, Azure AD), container security, and SaaS platform logs.
• Experience in a programming language (e.g., Python, Go, C++, Java, etc.) for incident response related automation and data analysis.
• Experience with GenAI in incident response and investigations is a plus.
• Experience mentoring or leading security teams.

• Mid‑Senior level

• Full‑time

• Information Technology

• Internet Marketplace Platforms, Technology, Information and Media, and Computer and Network Security

Location:

Mountain View, CA | Salary: $96,500–$206,400

Referrals increase your chances of interviewing at Uber by 2x

Medical insurance

Vision insurance

401(k)

Paid maternity leave

Paid paternity leave