CrawlJobs Logo
Uber Logo Uber · IT - Software Development

Security Engineer II - Threat Modeling & AI

Brazil, Sao Paulo · Job Posted May 16, 2026
Apply Position
Job Link Share

Job Description

Sec Eng at Uber means building for real-world impact under real-world constraints. As Uber rapidly adopts AI and agentic workflows, we must ensure this evolution is secure by design. We are looking for a hands-on Security Engineer to red team this emerging surface area, identify critical vulnerabilities across agents and tools, and drive the engineering changes necessary to mitigate them. This role isn't just about finding bugs; it’s about navigating the messy reality of high-stakes, fast-moving AI adoption. You will need to move from deep technical architectures to leadership-level risk discussions, often pushing back on designs with imperfect information. If you are a resilient problem-solver who enjoys unblocking teams while maintaining a high security bar, you will thrive here.

Job Responsibility

  • Red team AI agents and developer tools to identify vulnerabilities, creating reproducible PoCs and clear mitigation paths for engineering teams
  • Translate complex standards like the OWASP Top 10 for LLMs into Uber-specific reference architectures and enforceable security controls
  • Drive findings through to completion by partnering across disciplines—including engineering, legal, and external vendors—to land fixes in a fast-paced environment
  • Scale your security testing by building automated evaluation harnesses and AI-driven regression coverage to keep pace with rapid deployment
  • Communicate residual risk to non-technical stakeholders and leadership, translating technical debt into actionable business decisions
  • Own the security bar for agentic workflows and vendor onboarding, ensuring that guardrails are integrated into the developer experience from day one

Requirements

  • Senior/Staff seniority in a Security Engineer role, specifically within threat modeling or security architecture
  • Proficiency in Python or Go, with the ability to write modular, high-quality code and pass a technical coding interview
  • Experience performing offensive security testing and identifying architectural gaps in distributed systems (microservices, APIs, or cloud infrastructure)
  • Demonstrated knowledge of AI-specific security risks, including OWASP Top 10 for LLM or Agentic Applications
  • Bachelor’s degree in Computer Science, a related technical field, or equivalent practical experience

Nice to have

  • Experience securing developer ecosystems, no-code platforms, or sandboxed execution environments
  • Proven track record of influencing cross-functional teams to implement security changes without direct authority
  • Experience building policy-as-code or automated security gates for model and tool onboarding
  • Ability to synthesize complex findings into leadership-ready recommendations that drive strategic business shifts
  • Hands-on experience with MCP-style tool calling and agent integrations
Uber - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Security Engineer II - Threat Modeling & AI

8 matching positions

Engineering Manager II - AI & Security

Location
Location
Netherlands , Amsterdam
Salary
Salary:
Not provided
uber.com Logo
Uber
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven engineering leadership experience managing teams in platform, infrastructure, or related domains at scale
  • Strong ability to operate in ambiguous problem spaces and translate them into clear technical direction
  • Working knowledge of security fundamentals (e.g., access control, data protection, secure system design), with the ability to partner effectively with domain experts
  • Experience building or working with ML/AI-driven systems
  • Track record of shipping and scaling production systems
  • Strong collaboration and communication skills across engineering, product, and security stakeholders
Job Responsibility
Job Responsibility
  • Lead and grow a high-performing team of software engineers and applied scientists, setting a high bar for execution, technical rigor, and collaboration
  • Define and drive the roadmap for security and AI-driven systems, translating ambiguous problem spaces into clear priorities and deliverables
  • Build intelligent systems that automate detection, classification, and remediation of risks across code, data, and infrastructure
  • Secure AI-powered applications through continuous evaluation, monitoring, and defense against emerging threats (e.g., prompt injection, data leakage, model misuse)
  • Partner with infrastructure, data, and product teams to embed security controls and signals into the developer ecosystem
  • Scale systems and processes that improve security posture while maintaining developer velocity
  • Fulltime
Read More
Arrow Right

Ai Engineer Ii

The AI Center of Excellence (AI CoE) brings together AI Engineers and Data Scien...
Location
Location
India , Pune
Salary
Salary:
Not provided
rapid7.com Logo
Rapid7
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2–5 years of experience in AI/ML engineering or software engineering with AI focus
  • Foundational hands-on experience with LangChain or similar LLM orchestration frameworks
  • Familiarity with prompt engineering concepts and techniques
  • Basic understanding of RAG pipelines - what they are, how retrieval works, and where they're applied
  • Awareness of agentic AI patterns - tool-calling, agent loops, ReAct
  • Exposure to LLM evaluation - understanding what good vs. bad LLM output looks like and how to measure it
  • Working knowledge of AWS Bedrock and/or SageMaker for AI/ML workloads
  • Strong Python skills and a learning-first mindset
  • Working proficiency with pandas, NumPy, scikit-learn
  • Solid understanding of supervised and unsupervised ML, feature engineering, and model evaluation metrics
Job Responsibility
Job Responsibility
  • Contribute to building agentic AI workflows - tool-calling, basic agent loops, and LLM-driven automation under senior guidance
  • Assist in developing and maintaining RAG pipelines - document ingestion, chunking, embedding, and retrieval
  • Implement and iterate on prompt engineering - few-shot prompting, chain-of-thought, structured outputs
  • Work with LangChain / LangGraph for LLM orchestration and chaining tasks
  • Support LLM evaluation tasks - writing eval datasets, measuring output quality, running benchmarks
  • Contribute to observability and monitoring of LLM systems - latency, token usage, output quality dashboards
  • Deploy and test LLM-powered features on AWS Bedrock, Lambda, and SageMaker
  • Participate in prompt versioning and LLM CI/CD pipelines under guidance of senior engineers
  • Assist with guardrail implementation and output validation for production GenAI systems
  • Learn and apply agentic AI patterns - ReAct, tool-use APIs, and structured output parsing
  • Fulltime
Read More
Arrow Right

Cloud Security Engineer Ii (Aws, Secops)

We are looking for a hands-on Cloud Security Engineer II (AWS, SecOps) to be the...
Location
Location
Salary
Salary:
Not provided
tripadvisor.com Logo
Tripadvisor
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Hands-on experience securing a production environment in AWS
  • comfortable with its core security services (e.g., GuardDuty, Security Hub, WAF, CloudTrail)
  • good understanding of core AWS services beyond just security tools (e.g., VPC networking, EC2, RDS, S3, Lambda, EKS)
  • proficiency with Terraform for managing and securing cloud infrastructure
  • proven experience with the full lifecycle of security incidents
  • proficiency in at least one scripting language (e.g., Python, Go, Bash)
  • solid understanding of common web application vulnerabilities (OWASP Top 10)
  • demonstrated ability to use AI tools to improve efficiency, quality, and decision-making in day-to-day work
  • proven ability to operate effectively with a global-first mindset
Job Responsibility
Job Responsibility
  • Monitor, analyze, and investigate security alerts originating from our AWS infrastructure, application logs, and security tooling (WAF, SIEM, Cloud-Native tools)
  • respond to security incidents that directly impact the Tripadvisor Experiences application
  • triage vulnerabilities reported through our bug bounty program and other external sources
  • build and maintain security monitoring and alerting capabilities within our production environment
  • automate security operations tasks using scripting languages like Python or Go
  • configure, tune, and help manage security tools like our Web Application Firewall (WAF), AWS GuardDuty, and Security Hub
  • operationalize findings from application security tools (SAST, DAST, SCA) by working with engineering teams
  • conduct threat modeling for new features
  • collaborate with engineering teams and provide guidance on secure coding practices and architecture
What we offer
What we offer
  • Competitive compensation packages
  • base salary and annual bonuses
  • Work your way
  • flexible schedule
  • donation matching
  • tuition assistance
  • lifestyle benefit
  • travel perks
  • employee assistance program
  • health benefits
  • Fulltime
Read More
Arrow Right

Cloud Security Engineer II (AWS)

We are looking for a hands-on Cloud Security Engineer II (AWS) to be the first l...
Location
Location
Portugal
Salary
Salary:
Not provided
tripadvisor.com Logo
Tripadvisor
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Hands-on experience securing a production environment in AWS
  • Comfort with AWS core security services (e.g., GuardDuty, Security Hub, WAF, CloudTrail)
  • Good understanding of core AWS services beyond just security tools (e.g., VPC networking, EC2, RDS, S3, Lambda, EKS)
  • Proficiency with Terraform for managing and securing cloud infrastructure
  • Proven experience with the full lifecycle of security incidents
  • Proficiency in at least one scripting language (e.g., Python, Go, Bash) to automate security operations
  • A solid understanding of common web application vulnerabilities (OWASP Top 10)
  • Demonstrated ability to use AI tools to improve efficiency, quality, and decision-making
  • Proven ability to operate effectively with a global-first mindset
Job Responsibility
Job Responsibility
  • Monitor, analyze, and investigate security alerts originating from our AWS infrastructure, application logs, and security tooling
  • Respond to security incidents that directly impact the Tripadvisor Experiences application
  • Triage vulnerabilities reported through our bug bounty program and other external sources
  • Build and maintain security monitoring and alerting capabilities within our production environment
  • Automate security operations tasks using scripting languages
  • Configure, tune, and help manage security tools like our Web Application Firewall (WAF), AWS GuardDuty, and Security Hub
  • Operationalize findings from application security tools (SAST, DAST, SCA) by working with engineering teams to prioritize and remediate vulnerabilities
  • Conduct threat modeling for new features
  • Collaborate with engineering teams and provide guidance on secure coding practices and architecture
What we offer
What we offer
  • Competitive compensation packages
  • Annual bonuses
  • Work your way with flexibility
  • Flexible schedule
  • Donation matching
  • Tuition assistance
  • Lifestyle benefit
  • Travel perks
  • Employee assistance program
  • Health benefits
Read More
Arrow Right

Security Engineer II

Microsoft Teams is the hub for teamwork used by millions of users to be more eng...
Location
Location
United States , Redmond
Salary
Salary:
100600.00 - 199000.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 1+ year(s) experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 2+ years experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection
  • OR equivalent experience
  • Preferred: Master's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 3+ years of experience in software development lifecycle, large scale computing, threat modeling, cyber security, anomaly or detection (enterprise experience)
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 5+ years of experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection (enterprise experience)
  • OR equivalent experience
Job Responsibility
Job Responsibility
  • Identifies and addresses underlying causes of security shortcomings
  • Develops security guidance to address shortcomings and to build best practices
  • Ensures identified vulnerabilities are resolved correctly
  • Leverages latest tools and technologies (e.g., artificial intelligence) to identify and mitigate security issues with minimal guidance
  • Investigates, diagnoses, and triages security incidents with minimal guidance
  • Contributes to postmortem and root cause analyses for security incidents
  • Collaborates with others to create repair items, tools, and/or systems to support incident management
  • Begins to leverage Incident Management System(s) to update stakeholders during and after incidents as directed
  • Leads security reviews, including architectural and design reviews, and documents findings in analysis reports
  • Applies best practices in security architecture, design, and development across feature areas
  • Fulltime
Read More
Arrow Right

Software Engineer II

Are you excited about building capabilities that help protect our customers from...
Location
Location
United States , Redmond
Salary
Salary:
102100.00 - 202200.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's Degree in Computer Science or related technical field AND 2+ years technical engineering experience with coding in languages including, but not limited to, C, C++ or Java OR equivalent experience
  • Ability to meet Microsoft, customer and/or government security screening requirements
  • Microsoft Cloud Background Check
Job Responsibility
Job Responsibility
  • Design, implement, test, and operate cloud‑based backend services and APIs on Azure that support security detection, investigation, and response workflows
  • Build AI‑powered product features using technologies such as large language models (LLMs), vector stores, and agentic workflows to improve security signal analysis and customer outcomes
  • Own medium‑to‑large features end‑to‑end, including design, implementation, deployment, monitoring, and iteration in production environments
  • Collaborate closely with Product Managers, Security Researchers, and Engineers to translate security domain requirements into reliable, scalable software solutions
  • Contribute to technical design discussions and reviews, proposing sound designs, identifying trade‑offs, and incorporating feedback from lead engineers and stakeholders
  • Write high‑quality, maintainable code, participate in peer code reviews, and follow secure coding and engineering best practices aligned with Microsoft standards
  • Monitor and troubleshoot live services, using telemetry and logs to diagnose issues, improve system reliability, and enhance performance and scalability
  • Apply Security‑by‑Design and Responsible AI principles when building features that leverage AI to enhance threat detection and response capabilities
  • Continuously improve engineering efficiency by leveraging AI tooling, automation, and documentation to streamline development and operational workflows
  • Contribute positively to team culture, demonstrating growth mindset, openness to feedback, and a collaborative approach in a fast‑paced, data‑driven environment
What we offer
What we offer
  • Benefits and other compensation
  • certain roles may be eligible for benefits
  • Fulltime
Read More
Arrow Right

Software Engineer II

Microsoft 365 Copilot is a groundbreaking productivity tool that leverages the p...
Location
Location
United States , Redmond
Salary
Salary:
100600.00 - 199000.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's Degree in Computer Science or related technical field AND 2+ years technical engineering experience with coding in languages including, but not limited to, C, C++, C#, Java, JavaScript, or Python OR equivalent experience.
  • Ability to meet Microsoft, customer and/or government security screening requirements are required for this role.
  • Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter.
Job Responsibility
Job Responsibility
  • Owns and delivers scoped features and components in a large‑scale LLM API platform, developing a strong understanding of the relevant codepaths, service architecture, and operational behaviors needed to ship reliably.
  • Collaborates with product managers and senior engineers to understand user requirements and translate them into well‑scoped technical solutions for a defined set of scenarios or components.
  • Authors and contributes to design documents for features or components, identifying dependencies, risks, and trade‑offs, and incorporating feedback from more senior engineers.
  • Independently implements high‑quality, maintainable, and testable code for owned components or features, that meets production standards for high‑throughput distributed systems and participates in code reviews to raise overall quality.
  • Develops automation for safe deployment and operations, improving CI/CD, validation, and rollout mechanisms to reduce manual steps and support repeatable releases in production environments.
  • Applies security and privacy best practices in feature design and implementation
  • participates in threat modeling, security/privacy reviews and implementing AI safety requirements where applicable.
  • Leverages existing platform and cross‑team capabilities to deliver features efficiently, working with partner teams to align on integration points, timelines, and dependencies.
  • Participates in on‑call rotations and live‑site support, diagnosing issues, mitigating incidents, and escalating appropriately to ensure service availability and reliability.
  • Continuously grows technical depth and breadth by learning new technologies, tools, and patterns that improve service performance, reliability, observability, and operational excellence, and sharing knowledge within the team.
  • Fulltime
Read More
Arrow Right

Software Engineer II

We are seeking a skilled software engineer to join our team and help implement a...
Location
Location
Czech Republic , Multiple Locations
Salary
Salary:
Not provided
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's Degree in Computer Science or related technical field AND technical engineering experience with coding in languages including, but not limited to, C, C++, C#, Java, JavaScript, or Python
  • OR equivalent experience.
Job Responsibility
Job Responsibility
  • AI-Native Development: Improves artificial intelligence (AI) tools and practices across the software development lifecycle (SDLC)
  • Proactively takes responsibility for the content of their AI-generated requirements, design documents, code, and other assets, assisting other members of the team to do the same
  • Incorporates Responsible AI practices into the SDLC to ensure appropriate controls over AI-generated assets
  • Applies SDLC and engineering health measures (e.g., Accelerate, SPACE framework, Engineering System Success Playbook [ESSP]) to guide improvements to processes and practices, especially those involving AI
  • Experiments with AI tools and practices to improve their own capabilities, and provides recommendations on how to adopt them to other members of the team.
  • Coding: Leads by example across teams and mentors others to produce extensible, maintainable, well-tested, secure, and performant code used across products that adheres to design specifications
  • Leads efforts to continuously improve code performance, testability, maintainability, effectiveness, and cost, while learning about and accounting for relevant trade-offs
  • Identifies best practices and coding patterns (e.g., leveraging state-of-the-art generative artificial intelligence [GenAI], approaches to source code organization, naming conventions) and provides deep expertise in the coding and validation strategy
  • Creates and applies metrics to drive code quality and stability, appropriate coding patterns, and best practices
  • Identifies and anticipates blockers or unknowns during the development process, escalates them, communicates how they will impact timelines, and then leads efforts to identify and implement strategies and/or opportunities to address them.
  • Fulltime
Read More
Arrow Right