We are seeking a Staff Security Engineer, who is a senior hands-on developer and will be responsible for driving Security Architecture and shaping Security strategy of the engineering organization. In this role, you will report to the Head of Product Security & Infrastructure, with visibility to our executive leadership team as well as our customers. In this role you will drive the technical charter of the Security Engineering team. This involves being an integral component in hiring and mentoring other team members, defining security integration into SDLC and researching/implementing/extending the necessary security tools, providing security best practices, reviewing existing services and infrastructure, building security frameworks across different programming languages and participating in design and architecture reviews, and implementing security features.
Define and drive Secure SDLC including training, security best practices, Security Architecture, Design/Code Reviews, Threat Modeling, Security Tools, Pen Testing, Incident Response.
Perform security review of existing Databricks PaaS services, cloud infrastructure and establish processes to ensure that all production code gets a review.
Build Security Frameworks (Authentication, Authorization, Crypto, Multi-Tenancy, Vulnerability Protection) across Java, Scala, Python.
10+ years of software development experience in multiple programming languages
Proven track record of successful collaboration with cross functional teams to improve product and service security.
Excellent communication skills and strong ability to clearly articulate security content and risks, and mitigation.
5+ years of experience in Product Security, specifically reviewing Designs and Threat Modeling for cloud services.
Experience identifying and protecting against web application and web service security vulnerabilities & threats and ways to mitigate them, including those found in the OWASP Top 10 and CWE Top 25.
Medical, dental, vision
401k Retirement Plan
Unlimited Paid Time Off
Catered lunch (everyday), snacks, and drinks
Employee referral bonus program
Maternity and paternity plans
Databricks' mission is to accelerate innovation for its customers by unifying Data Science, Engineering and Business. Founded by the original creators of Apache Spark, Databricks provides a Unified Analytics Platform for data science teams to collaborate with data engineering and lines of business to build data products. Users achieve faster time-to-value with Databricks by creating analytic workflows that go from ETL and interactive exploration to production. The company also makes it easier for its users to focus on their data by providing a fully managed, scalable, and secure cloud infrastructure that reduces operational complexity and total cost of ownership. Databricks, venture-backed by Andreessen Horowitz, NEA and Battery Ventures, among others, has a global customer base that includes Salesforce, Viacom, Shell, and HP. For more information, visit www.databricks.com.
Apache, Apache Spark and Spark are trademarks of the Apache Software Foundation.