About the role and team
Sec Eng at Uber means building for real-world impact under real-world constraints. The Identity and Access Management ( IAM ) team is currently driving a high-stakes transformation of our governance systems and microservices, moving away from legacy polished pictures toward adaptive, AI-driven security models. You will design and build the extensible features, APIs, and workflows that manage authentication and authorization for Uber's global internal workforce and services.
We are looking for a Security Engineer who stays calm under pressure and possesses the grit to own a project from the first design doc to debugging production issues at scale. If you are energized by the challenge of bridging digital security with real-world movement and want to lead the adoption of industry-leading trends like RAG and MCP in the identity space, this is where you will grow.
What you'll do-
Design, build, and maintain centralized access management systems and risk models where performance, security, and scale are inseparable.
-
Solve messy, high-impact identity problems (such as birthright provisioning and access certifications) often without a clear starting point.
-
Own your work end-to-end, from writing high-quality engineering design documents to managing critical platform changes using Terraform and standard build code.
-
Champion software engineering best practices like code health, testing, and design clarity even when project stakes and pressure are high.
-
Collaborate across disciplines to integrate SSO applications and middleware technologies while acting as the technical voice of the identity team.
-
Navigate technical debt and legacy complexity within LDAP, MFA, and distributed database systems to unblock developer productivity.
Basic Qualifications-
Senior/Staff seniority in the development, design, and consulting of SailPoint IIQ or similar IGA and authentication platforms.
-
Experience building and documenting high-quality code for complex software systems scaling to millions of users.
-
Proficiency with large-scale distributed storage and SQL database systems such as MySQL.
-
Strong understanding of Role-Based Access Control (RBAC), Policy-Based Access Control (PBAC), and Attribute-Based Access Control (ABAC).
-
Education requirement: Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience).
Preferred Qualifications-
Working experience in DevOps, Linux, Puppet, and infrastructure automation to improve system reliability.
-
Experience leveraging AI/ML, prompt engineering, or MCP to build innovative identity solutions or resolve operational bottlenecks.
-
Technical certifications in SailPoint , Google Cloud, or Microsoft security architectures.
-
Demonstrated ability to use CSS and JavaScript to build or customize complex front-end interfaces for security tools.
-
Experience using developer productivity tools like Cursor or GitHub Copilot to optimize the software development lifecycle.
