Senior Program Leader, GSO Vendor Compliance Strategy & Governance

About the Role

Global Support Operations (GSO) is responsible for managing Uber's external vendor network, ensuring seamless customer support worldwide. As a Senior Program Leader for Security & Compliance Strategy and Governance, you will collaborate with internal security teams, stakeholders, and external partners to uphold and enforce Uber's security and compliance measures.

This role requires expertise in security frameworks, regulatory compliance, and risk management to protect Uber's proprietary and sensitive data. You will work cross-functionally with teams across the globe, ensuring that security policies remain current, effective, and properly implemented within Uber's vendor ecosystem.

• Access & Asset Management: Oversee Yubikey asset management, job title and permission group setup, and access control reviews to prevent excessive access.
• Technical Site Transitions: Lead security initiatives during technical site launches and ramp-downs to ensure compliance.
• Policy Development & Enforcement: Maintain and communicate internal security policies, ensuring alignment with evolving regulatory and business requirements.
• Real-Time Monitoring: Oversee refund and appeasement monitoring and GDPR CRM search compliance.
• Incident & Escalation Management: Handle security escalations, tracking resolution and reporting closure outcomes.

• Operational Audits: Conduct virtual and physical site audits, vendor self-audits, and compliance reviews (e.g., IP allowlisting, OneLogin, MFA/VDI access, active site rosters, and insurance compliance).
• BPO & Vendor Compliance: Ensure BPO partners meet Uber's security requirements through vendor manager checklists, network risk assessments, and policy alignment.
• Regulatory & Internal Compliance: Oversee FTC consent audits, TPRM compliance, and alignment with Uber's internal audit teams.
• Remediation & Change Management: Lead post-audit remediation efforts, tracking necessary changes and ensuring corrective actions.

• Risk Assessment & Management: Develop and maintain a network risk matrix to assess vendor and site-specific risks.
• Stakeholder Collaboration: Partner with internal security, compliance, and legal teams to drive alignment on security governance and evolving regulatory requirements.
• Continuous Improvement: Evaluate Uber's security framework, identify gaps, and propose data-driven improvements to enhance security resilience across global operations

• 7+ years of experience in security, compliance, or risk management in a large multinational company or outsourced contact center environment
• Minimum 2+ years experience managing a team
• Expertise in security compliance, risk frameworks, and regulatory requirements affecting global operations
• Proven ability to translate security risks into actionable insights that enhance customer trust and operational resilience
• Bachelor's degree from an accredited institution (Security, Risk Management, Business, or related field preferred)

• Strong written and verbal communication skills across diverse teams and leadership levels
• Ability to be an Uber brand and security compliance advocate, ensuring vendors meet Uber's standards.
• Team-oriented leader who fosters collaboration and aligns different perspectives into a unified security strategy
• Strong multi-tasking, prioritization, and project management skills
• Experience working in a complex matrixed environment, balancing multiple priorities and stakeholders
• Self-motivated problem-solver with a data-driven approach to security risk management