Senior Security Incident Commander

Uber

Location:
United States, Seattle

Contract Type:
Not provided

Salary:

180000.00 - 200000.00 USD / Year

Job Description:

As a Senior Security Technologist, Incident Command, you are accountable for leading Uber’s most critical, complex, and high-impact security incidents end-to-end - from escalation to containment, recovery, and systemic remediation. You operate at the intersection of Fire Captain, NTSB Investigator, and hands-on technical practitioner. In the moment, you take command - setting strategy, assigning resources, and making high-consequence decisions under pressure. After the smoke clears, you drive deep technical investigation and post-incident analysis to ensure we understand not just what happened, but why it happened, and that meaningful, durable fixes are made.

Job Responsibility:

  • Command the highest severity and most complex security incidents across Uber and its subsidiaries, serving as the single accountable leader during active response
  • Participate in an on-call rotation where you are expected to make real-time decisions with incomplete information, balancing speed, risk, and impact
  • Act as the incident authority, not just a facilitator - forming hypotheses, setting strategy, and directing investigative focus
  • Transition seamlessly between executive-level incident leadership and hands-on technical investigation, including log analysis, system interrogation, and root cause validation
  • Serve as the primary interface to senior leadership during critical incidents, translating evolving technical realities into clear risk, impact, and decision frameworks
  • Build and maintain strong working relationships with global engineering, infrastructure, legal, privacy, and operations teams to enable fast, coordinated response
  • Conduct rigorous post-incident analysis in the spirit of an NTSB investigation - focused on systemic causes, contributing factors, and concrete prevention
  • Mentor and develop other responders and incident leaders, raising the organization’s ability to handle complex, time-critical security events
  • Lead and materially contribute to initiatives that mature Uber’s incident response program, including:
      • High-fidelity incident simulations and technical tabletop exercises
      • Threat-informed response planning and scenario development
      • ‘Left of boom’ threat modeling to prevent incidents before they occur
      • Improvements to detection, containment, and response automation
      • Adoption of new investigative techniques and tooling, including AI-assisted workflows

Requirements:

  • 5+ years in security operations, detection, or incident response roles at scale, with demonstrated ownership of ambiguous, large, complex, high-impact incidents
  • Deep familiarity with modern attacker TTPs and how they manifest across logs, systems, networks, endpoints, and applications
  • Strong technical investigation skills - comfortable working directly with logs, telemetry, and raw system data to validate hypotheses and determine root cause
  • Experience briefing executives during active incidents, with the ability to clearly explain tradeoffs, risks, and recommended actions
  • Experience designing or running technical incident simulations (tabletops, purple team exercises, or similar) that stress real-world response capabilities
  • Experience building or leveraging AI-driven tooling to improve incident response posture, applying frontier technology to workflows such as triage, investigation, correlation, or decision support

Nice to have:

  • Demonstrated experience leading other responders through direct command during incidents and longer-term technical mentorship
  • Strong bias for action and continuous improvement
  • Experience responding to incidents in highly distributed, cloud-scale environments where blast radius and coordination complexity are significant
  • Broad security domain knowledge (infrastructure, endpoint, product, identity, data) and the ability to reason across them during incidents
  • Ability to script or code (Python, Go, or similar) to automate response tasks, prototype tooling, or close operational gaps

What we offer:

  • Eligible to participate in Uber's bonus program
  • May be offered an equity award & other types of comp
  • All full-time employees are eligible to participate in a 401(k) plan
  • Eligible for various benefits (see link)

Additional Information:

Job Posted:
February 11, 2026

Employment Type:
Fulltime
Work Type:
On-site work