**About the Role** At Uber, trust is not just a goal - it’s a design principle. The **Platform Security** team builds and operates foundational infrastructure that ensures every service, user, and device within our ecosystem can be authenticated, trusted, and secured by default. We are looking for a seasoned **Staff Software Engineer** to lead the design and development of the Security Platform **(PKI, KMS, and Secrets)** that powers Uber’s security architecture. This role is an opportunity to solve large-scale, complex problems around cryptographic identity, key management, and service-to-service trust, while shaping the next generation of our secure cloud and device footprint. The ideal candidate has a deep systems engineering mindset, thrives in collaborative environments, and brings a bias for simplification, scale, and rapid iteration. **What You Will Do** 1. Architect and build distributed, secure backend systems to enable **zero trust architecture (zero-touch certificate issuance**, **key lifecycle management**, and **secrets automation)** across **cloud-native multi-cloud** infrastructure 2. Drive Uber’s **Platform modernization efforts** while maintaining high UX standards for client teams 3. Expand and scale secure services 4. Integrate cryptographic infrastructure into Uber’s **developer, CI/CD, and provisioning workflows** 5. Collaborate across various teams and orgs to design scalable **trust and identity models** 6. Investigate and introduce emerging security technologies into core infrastructure 7. Mentor engineers, lead technical design reviews, and champion engineering excellence in documentation, testing, observability, and operations **Basic Qualifications** 1. 8+ years of software engineering experience, with strong focus in backend infrastructure, distributed systems, or platform security 2. Proficiency in one or few languages like **Go, Python, Java or** C/C# with experience building performant, maintainable, and secure codebases 3. Deep knowledge of **PKI**, cryptography and **identity** 4. Experience with **certificate authorities, secrets storages** and lifecycle tools (e.g., EJBCA, Hachicorp Vault) 5. Practical experience with **KMS infrastructure**, including cloud-native tools (e.g., AWS/GCP KMS, OCI Vault, Azure KeyVault) or HSM integrations 6. Strong systems design, debugging, and operations background in Security infrastructure leveraging consensus mechanisms for cryptographickey/secrets management 7. Effective cross-functional communicator and technical leader **Preferred Qualifications** 1. Knowledge of **zero-trust architectures**, mTLS, SPIFFE/SPIRE, and service mesh integrations 2. Experience working across both **cloud (AWS/GCP)** and hybrid/on-prem environments 3. Familiarity with **Infrastructure-as-Code tools** (Terraform) and secure automation 4. Contributions to open-source PKI, crypto/tink, or security tooling 5. Experience building device attestation, hardware-backed identity, or cloud-native workload identity solutions 6. Demonstrated impact on org-wide architectural decisions and mentorship at scale Uber's mission is to reimagine the way the world moves for the better. Here, bold ideas create real-world impact, challenges drive growth, and speed fuelds progress. What moves us, moves the world - let’s move it forward, together. Offices continue to be central to collaboration and Uber's cultural identity. Unless formally approved to work fully remotely, Uber expects employees to spend at least half of their work time in their assigned office. For certain roles, such as those based at green-light hubs, employees are expected to be in-office for 100% of their time. Please speak with your recruiter to better understand in-office expectations for this role. \*Accommodations may be available based on religious and/or medical conditions, or as required by applicable law. To request an accommodation, please reach out to [accommodations@uber.com](mailto:accommodations@uber.com).