Staff Software engineer - Authentication and Security Observability

Staff Software engineer - Authentication and Security Observability Department: Engineering Team: Security Engineer Location: Sunnyvale, United States Type: Full-Time **About the Role** The **Login Services team** sits within **Core Security Engineering** and owns Uber’s authentication platform for both **human and non-human identities**. We build the systems that make login **seamless, secure, and resilient** for Uber’s global workforce and services—so people and workloads can confidently access internal and third-party applications using **strong authentication** with **minimal operational cost**. This **Staff Engineer** role is a technical leadership position shaping the future of authentication at Uber—especially as **agentic workflows** and **non-human identities** become first-class citizens. You’ll drive architecture and execution across major initiatives like building a **security knowledge platform** that computes **risk levels for identities and assets** (human + NHI), and evolving next-generation authentication capabilities (e.g., stronger factors and policy enforcement across critical systems). If you’re excited about building foundational security platforms at massive scale—where reliability, security posture, and automation directly move the business—this is a rare chance to lead in a space that’s getting more important every quarter. \-\-\-\- What the Candidate Will Do ---- **Lead architecture and execution** of core authentication capabilities for **human and non-human identities**, delivering secure, resilient, and frictionless login experiences at Uber scale. **Own and evolve Uber’s tier-zero authentication and SSO infrastructure**, maintaining high availability, security, and performance for core login flows and enabling secure, policy-driven access to internal and third-party applications. **Build and evolve platform services** (APIs, workflows, policy enforcement) with strong engineering fundamentals: reliability, performance, observability, and safe rollout/rollback. **Develop the Security Knowledge Platform**, building the data/graph foundations and risk signals to **categorize identity + asset risk*