Overview

Sr. Security Engineer – Product Security Jobs in San Francisco, CA at Databricks



Title: Sr. Security Engineer – Product Security

Company: Databricks

Location: San Francisco, CA

Salary: $100K – $150K*

Category: Enterprise Technology

Mission

We are seeking an Application/Product security engineer, who is a hands-on developer and will be responsible for driving Security Architecture and shaping Security strategy of the engineering organization. In this role, you will report to the Head of Product Security, with visibility to our executive leadership team as well as our customers. This involves mentoring other team members, defining security integration into SDLC and researching/implementing/extending the necessary security tools, providing security best practices, reviewing existing services and infrastructure, build security frameworks across different programming languages and participate in design and architecture reviews, and implement security features. This role requires constant collaboration with other teams in engineering and security stakeholders outside engineering. The Security Engineering team’s mission is to enable Databricks to develop secure products and services while sustaining high-feature velocity and high quality and ensure that Databricks meets customer security and compliance requirements.

Outcomes

Define and drive Secure SDLC including training, security best practices, Security Architecture, Design/Code Reviews, Threat Modeling, Security Tools, Pen Testing, Incident Response.

Research, Prototype, integrate Security Tools into CI/CD pipeline (Container Security, Static, Dynamic, Application Scanning, Third party Vulnerability Scanning, etc) with 100% coverage of all deployment/build pipelines. Build new tools and extend existing tools to bridge gaps in existing tools, leveraging technologies like Machine Learning.

Help drive security across our AWS and Azure infrastructure.

Competencies

5+ years of software development experience in multiple programming languages.

Excellent communication skills and strong ability to clearly articulate security content and risks, and mitigation.

3+ years of experience in Product Security, specifically reviewing Designs and Threat Modeling for cloud services.

Experience identifying and protecting against web application and web service security vulnerabilities & threats and ways to mitigate them, including those found in the OWASP Top 10 and CWE Top 25.

Engineering background is a preferred.

Benefits

Medical, dental, vision

401k Retirement Plan

Unlimited Paid Time Off

Catered lunch (everyday), snacks, and drinks

Gym reimbursement

Employee referral bonus program

Awesome coworkers

Maternity and paternity plans

About Databricks