Head of GSO Vendor Compliance Strategy & Governance
| Company | Uber |
|---|---|
| Location | San Francisco, CA, USA, Chicago, IL, USA, New York, NY, USA, Phoenix, AZ, USA |
| Salary | $149000 – $207000 |
| Type | Full-Time |
| Degrees | Bachelor’s |
| Experience Level | Senior, Expert or higher |
Requirements
- 7+ years of experience in security, compliance, or risk management in a large multinational company or outsourced contact center environment
- Minimum 2+ years experience managing a team
- Expertise in security compliance, risk frameworks, and regulatory requirements affecting global operations
- Proven ability to translate security risks into actionable insights that enhance customer trust and operational resilience
- Bachelor’s degree from an accredited institution (Security, Risk Management, Business, or related field preferred)
Responsibilities
- Oversee Yubikey asset management, job title and permission group setup, and access control reviews to prevent excessive access
- Lead security initiatives during technical site launches and ramp-downs to ensure compliance
- Maintain and communicate internal security policies, ensuring alignment with evolving regulatory and business requirements
- Oversee refund and appeasement monitoring and GDPR CRM search compliance
- Handle security escalations, tracking resolution and reporting closure outcomes
- Conduct virtual and physical site audits, vendor self-audits, and compliance reviews (e.g., IP allowlisting, OneLogin, MFA/VDI access, active site rosters, and insurance compliance)
- Ensure BPO partners meet Uber’s security requirements through vendor manager checklists, network risk assessments, and policy alignment
- Oversee FTC consent audits, TPRM compliance, and alignment with Uber’s internal audit teams
- Lead post-audit remediation efforts, tracking necessary changes and ensuring corrective actions
- Develop and maintain a network risk matrix to assess vendor and site-specific risks
- Partner with internal security, compliance, and legal teams to drive alignment on security governance and evolving regulatory requirements
- Evaluate Uber’s security framework, identify gaps, and propose data-driven improvements to enhance security resilience across global operations
Preferred Qualifications
- Strong written and verbal communication skills across diverse teams and leadership levels
- Ability to be an Uber brand and security compliance advocate, ensuring vendors meet Uber’s standards
- Team-oriented leader who fosters collaboration and aligns different perspectives into a unified security strategy
- Strong multi-tasking, prioritization, and project management skills
- Experience working in a complex matrixed environment, balancing multiple priorities and stakeholders
- Self-motivated problem-solver with a data-driven approach to security risk management