About the job
The Security and Privacy Architecture team is Uber's technical privacy authority. We lead architectural reviews, define privacy engineering standards, and build prototypes that prove out privacy solutions before they're productionized. This role focuses on the intersection of privacy and AI: you'll design controls for LLM-based products, agentic systems, and unstructured data pipelines, and build working PoCs that demonstrate measurable impact. It's a high-visibility position where you'll shape how Uber adopts AI safely and turn one-off privacy problems into scalable platform capabilities.
Responsibilities
Design and prototype privacy and security controls for AI systems — prompt/log handling, fine-tuning data pipelines, vector stores, and agentic tool integrations.
Lead privacy design reviews and architectural assessments for high-impact systems including large-scale data platforms, real-time streaming infrastructure, advertising systems, and new AI products.
Build working anonymization PoCs for unstructured data and multimedia, going beyond regex to handle complex entity types, multi-locale data, and contextual identifiers.
Identify recurring manual privacy/security processes and convert them into scalable automations, templates, and platform capabilities.
Partner with Security, Privacy Legal, Product, Infrastructure, Compliance, and Ads teams on complex privacy workstreams; mentor engineers on privacy-by-design and safe AI system design.
Qualifications
Minimum
1. Bachelor’s degree in Computer Science, Engineering, Information Security, or a related technical field.
2. 8+ years in software engineering, security engineering, or privacy engineering.
3. Demonstrated hands-on building: you have personally designed and prototyped technical solutions, not just reviewed or advised on them. You should be able to walk us through your technical approach and design decisions in depth.
4. Expertise in privacy engineering: anonymization, data minimization, deletion/retention architecture, etc.
5. Strong understanding of distributed systems, service-oriented architectures, and modern data platforms.
6. Experience leading complex cross-functional technical initiatives across multiple teams.
7. Experience defining technical standards for new technology areas.
8. Strong communication skills. You can explain privacy/technical tradeoffs clearly to engineers, legal partners, and senior leadership.
Preferred
1. Experience performing architectural privacy reviews and translating ambiguous requirements into clear technical standards and implementation guidance.
2. Experience building privacy/security controls for AI/ML systems: LLM-based products, agentic systems, model evaluation pipelines, or enterprise AI tooling.
3. Hands-on experience with PII detection, redaction, or pseudonymization for unstructured data or multimedia (video, audio, images), including experience with NER models, ML-based approaches, or computer vision for de-identification.
4. Experience with data deletion architecture: deletion propagation, derived data cleanup, backup/restore, legal hold, and retention enforcement.
5. Experience prototyping with ML/LLM tools to solve privacy/security problems (e.g., using language models for PII detection, building classifiers for sensitive data, or applying ML to privacy automation).
6. Background in privacy-sensitive domains: adtech, autonomous vehicles, financial services, identity, marketplace data, or cross-border data sharing.
7. Research background or experience in de-identification, synthetic data, or privacy-preserving transformations.