Databricks
Databricks is the lakehouse company$1. .$1
Apache Spark • Apache Spark Training • Cloud Computing • Big Data • Data Science
1001 - 5000
Sr. Staff Security Engineer
May 8
🏢 In-office - San Francisco
Databricks
Databricks is the lakehouse company$1. .$1
Apache Spark • Apache Spark Training • Cloud Computing • Big Data • Data Science
1001 - 5000
Description
• Develop and maintain a security architecture strategy that aligns with the organization's risk management and governance policies. • Evaluate and recommend security technologies that fortify the company's data and application infrastructure. • Engage in security design and architecture reviews of large inter-department projects, ensuring compliance with the latest security practices and standards focusing on access control, authentication, encryption, secure data processing, etc. • Collaborate with IT and other non-ENG business leaders to develop a cohesive security posture that balances risk and business requirements. • Conduct system security and vulnerability analyses, risk assessments, and provide recommendations to mitigate risks. • Stay up-to-date with emerging threats and provide guidance to teams as required. • Coordinate with legal and regulatory experts to understand the implications of privacy laws, and ensure that the architecture complies with these requirements. • Mentor and provide guidance to other team members in security best practices.
Requirements
• Solid understanding of product security fundamentals with expertise on Threat Modeling, and a working knowledge of exploit writing. • Deep understanding of cloud security architecture, security protocols, cryptography, authentication, authorization, security vulnerabilities, and remediation techniques. • Experience securing common Business Systems (e.g. Salesforce/Workday/Netsuite) as well as their associated integrations (e.g. APIs or other external connections) • Demonstrates lead-by-influence by executing through other leaders • Professional security certification is a plus (e.g., OSCP, OSCE). • Experience with security frameworks (e.g., NIST, ISO) and regulations (e.g., GDPR, HIPAA). • Excellent communication skills, with the ability to explain complex security concepts to a variety of audiences. • Demonstrated problem-solving skills and the ability to work under pressure. • Typically 15+ years of experience or advanced degree +12 years of experience in the security domain. • BS or higher in Computer Science or Computer Engineering
Benefits
• Medical, Dental, and Vision • 401(k) Plan • FSA, HSA and Commuter Benefit Plans • Equity Awards • Flexible Time Off • Paid Parental Leave • Family Planning • Fitness Reimbursement • Annual Career Development Fund • Home Office/Work Headphones Reimbursement • Employee Assistance Program (EAP) • Business Travel Accident Insurance • Mental Wellness Resources
Apply Now
