Security Risk Management Officer
New York, NY, USA
Posted on Monday, May 22, 2023
The security organization at Uber is dedicated to enabling safe and secure innovation while protecting the communities we serve both online and in the physical world. Our teams are responsible for protecting both people and their data across intersections of the digital and physical world. The primary objective for Uber Engineering Security team is to enable the technical ambitions of the company while maintaining the highest standards of security and privacy for our customers and partners. As cybersecurity threats evolve, so do we. About The TEAMThe Security Risk and Compliance team provides compliance solutions for UBER’s processes, technology and people that enables informed decision making for our partners to mitigate risks. We are looking for a Risk Management leader to build an effective and coherent organization-wide risk management program. About The RoleThe risk officer is responsible for the effective assumption of manageable risk and helps the organization avoid anything that might threaten the successful execution of the company’s duties by developing a risk management framework that anticipates, identifies, eliminates and/or mitigates threats to keep the company operating effectively. What You'll Do
- Evaluate operational risks and formulate strategies to overcome and mitigate vulnerabilities.
- Implement and oversee core risk management tools, including risk assessment and identification, prioritization, development and execution of mitigation plans
- Implement and track key performance indicators and program maturity measures
- Partner engagement including outreach, formal training, involvement in committees, building and maintaining strong relationships, educating the broader Uber workforce in risk management principles and techniques
- Stand-up a risk management board steering committee working with EngSec leadership team for visibility
- Serve as an advisor and partner with risk owners in other areas of the company. For example, internal audit, payments security, physical security, financial risk management to name a few .
- At least 10 years experience in a risk management function at a financial institution or consultancy.
- Experience (preferred) with implementing common frameworks like SIRA, NIST, CIS, PCI DSS, GDPR, COBIT, FISMA, HIPAA, ISO 27001, SOC2, etc.
- Ability to work multi-functionally and influence partners with a “soft touch.”
- Deep knowledge of IT regulations and control frameworks, with knowledge of and ability to interpret and apply related federal, state, and local laws, ordinances, rules, regulations, etc.;
- Ability to evaluate process effectiveness and develop change or alternatives;
- Knowledge of and the ability to apply the principles and practices to strategically align tasks and people with organizational goals and objectives;
- Ability to establish and maintain effective working relationships; and to create/develop/manage high performing teams.
See more open positions at Uber
Something looks off?