Overview
On Site
USD 229,000.00 - 254,000.00 per year
Full Time
Skills
Generative Artificial Intelligence (AI)
Stacks Blockchain
Deep Learning
Vulnerability Assessment
Step Detection
Artificial Intelligence
Machine Learning (ML)
Testing
Network Operations
Incident Management
Regulatory Compliance
Information Security
Security Operations
SIEM
Splunk
SPL
Network
Operating Systems
Microsoft Windows
Linux
OS X
Computer Networking
Security Controls
Root Cause Analysis
Computer Science
Cyber Security
Leadership
FOCUS
Research
Cloud Computing
Amazon Web Services
Google Cloud
Google Cloud Platform
Microsoft Azure
Scripting
Python
Windows PowerShell
Bash
Threat Analysis
Security Engineering
Mentorship
OSCP
CISSP
DevOps
DevSecOps
Continuous Integration
Continuous Delivery
Law
Legal
Collaboration
Job Details
About the Role
As a Threat Detection Engineer at Uber, you will be at the forefront of safeguarding user-facing products and platforms by leveraging the power of AI and ML. You will drive the development and operations of sophisticated security services and frameworks specifically designed to identify and neutralize evolving threats. Your expertise in analyzing the broadened security landscape, fueled by the adoption of ML/GenAI and extensive heterogeneous data, will be critical in architecting, implementing, and scaling industry-leading threat detection solutions. You will apply your deep understanding of major technology stacks and hands-on experience with machine learning and potentially deep learning to build proactive and reactive security measures. This role involves in-depth threat analysis and vulnerability assessment, directly leading to the development and implementation of cutting-edge detection strategies and mitigation techniques. You will research and experiment with new AI/ML techniques and tools to continuously enhance Uber's cyber defense capabilities. Collaboration with cross-functional teams, including network operations and incident response, will be essential to ensure a cohesive and effective approach to threat detection and response across the organization.
---- What the Candidate Will Do ----
1. Design, develop, and implement software solutions to improve organizational security.
2. Analyze security threats and vulnerabilities and create detection and mitigation strategies.
3. Conduct code reviews and testing.
4. Research and evaluate new cybersecurity techniques and tools.
5. Collaborate with cross-functional teams (network operations, incident response, compliance) to ensure a unified security approach.
---- Basic Qualifications ----
1. Bachelor's degree in Computer Science, Cybersecurity, Information Security, or related field (or equivalent experience).
2. 6+ years of professional experience in security engineering, threat detection, or security operations.
3. Expertise in designing, building, and maintaining detection systems, including SIEM platforms (e.g., Splunk, Elastic, Sentinel).
4. Strong knowledge of threat hunting methodologies, adversary behaviors, and frameworks such as MITRE ATT&CK.
5. Advanced ability to write, optimize, and validate detection rules using query languages like KQL, SPL, or Sigma.
6. Deep understanding of logs from diverse sources including cloud, network, application, and endpoint telemetry.
7. Solid grasp of operating systems (Windows, Linux, macOS), networking concepts, and security controls.
8. Demonstrated ability to lead incident investigations and drive root cause analysis across complex environments.
---- Preferred Qualifications ----
1. Master's degree in Cybersecurity, Computer Science, or a related field.
2. 10+ years of experience in a cybersecurity leadership role, with a focus on detection engineering or threat research.
3. Proven experience building or leading large-scale threat detection programs in hybrid or cloud-first environments (AWS, Google Cloud Platform, Azure).
4. Proficient in scripting and automation (Python, PowerShell, Bash) to scale detection and response capabilities.
5. Experience integrating threat intelligence and creating contextual, high-fidelity detection logic.
6. Strong collaboration skills, with a history of working across security, engineering, and product teams to improve security posture.
7. Track record of mentoring junior engineers and establishing detection engineering best practices.
8. Relevant certifications (e.g., GIAC GCTI, GCED, OSCP, CISSP) are a plus.
9. Familiarity with DevOps/DevSecOps environments and CI/CD pipeline security.
Uber is proud to be an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you have a disability or special need that requires accommodation, please let us know by completing this form.
Offices continue to be central to collaboration and Uber's cultural identity. Unless formally approved to work fully remotely, Uber expects employees to spend at least half of their work time in their assigned office. For certain roles, such as those based at green-light hubs, employees are expected to be in-office for 100% of their time. Please speak with your recruiter to better understand in-office expectations for this role.
For Seattle, WA-based roles: The base salary range for this role is USD$229,000 per year - USD$254,000 per year.
For Sunnyvale, CA-based roles: The base salary range for this role is USD$229,000 per year - USD$254,000 per year.
For all US locations, you will be eligible to participate in Uber's bonus program, and may be offered an equity award & other types of comp. You will also be eligible for various benefits. More details can be found at the following link.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.