Senior Security Engineer

Senior Security Engineer Department: Engineering Team: Security Engineer Location: Seattle, United States Type: Full-Time **About the Role** Uber is seeking a Senior Security Engineer to join our Application Security team. In this role, you will help evolve and extend Uber’s already highly automated AppSec platform by designing and deploying next-generation capabilities, including AI-driven vulnerability scanning, agent-based discovery, and intelligent asset indexing. You will build and operate security automation that continuously identifies vulnerabilities such as XSS, SQLi, CSRF, SSRF, and more across Uber’s application ecosystem. You will apply strong software engineering fundamentals to build production-grade systems that raise the security bar across Uber’s mobile and web applications. This role offers the opportunity to collaborate closely with engineers across the company, mentor junior team members, make a measurable impact on Uber’s security posture, and continue growing both your software engineering and security expertise. \-\-\-\- What the Candidate Will Do ---- 1. Design, build, and deploy large-scale automation to discover, analyze, and remediate security vulnerabilities across thousands of services. 2. Design end-to-end systems and features for application security platforms, including secret discovery, code scanning, and vulnerability remediation. 3. Identify security-sensitive functionality and coverage gaps across applications and services, and develop automation to close those gaps. 4. Research novel attack techniques and security weaknesses, and automate their detection using innovative tools and approaches. 5. Build distributed backend systems that power real-time analytics and data-driven security insights at Uber scale. 6. Collaborate closely with engineering teams and stakeholders across Security, Privacy, Compliance, Infrastructure, and Product to integrate security capabilities into Uber’s platform. 7. Provide guidance to application and service owners to remediate identified security issues. 8. Perform threat modeling, design reviews, and code reviews to