Sr. Security Engineer – Product Security Jobs in San Francisco, CA at Databricks
Title: Sr. Security Engineer – Product Security
Location: San Francisco, CA
Salary: $100K – $150K*
Category: Enterprise Technology
We are seeking an Application/Product security engineer, who is a hands-on developer and will be responsible for driving Security Architecture and shaping Security strategy of the engineering organization. In this role, you will report to the Head of Product Security, with visibility to our executive leadership team as well as our customers. This involves mentoring other team members, defining security integration into SDLC and researching/implementing/extending the necessary security tools, providing security best practices, reviewing existing services and infrastructure, build security frameworks across different programming languages and participate in design and architecture reviews, and implement security features. This role requires constant collaboration with other teams in engineering and security stakeholders outside engineering. The Security Engineering team’s mission is to enable Databricks to develop secure products and services while sustaining high-feature velocity and high quality and ensure that Databricks meets customer security and compliance requirements.
Define and drive Secure SDLC including training, security best practices, Security Architecture, Design/Code Reviews, Threat Modeling, Security Tools, Pen Testing, Incident Response.
Research, Prototype, integrate Security Tools into CI/CD pipeline (Container Security, Static, Dynamic, Application Scanning, Third party Vulnerability Scanning, etc) with 100% coverage of all deployment/build pipelines. Build new tools and extend existing tools to bridge gaps in existing tools, leveraging technologies like Machine Learning.
Help drive security across our AWS and Azure infrastructure.
5+ years of software development experience in multiple programming languages.
Excellent communication skills and strong ability to clearly articulate security content and risks, and mitigation.
3+ years of experience in Product Security, specifically reviewing Designs and Threat Modeling for cloud services.
Experience identifying and protecting against web application and web service security vulnerabilities & threats and ways to mitigate them, including those found in the OWASP Top 10 and CWE Top 25.
Engineering background is a preferred.
Medical, dental, vision
401k Retirement Plan
Unlimited Paid Time Off
Catered lunch (everyday), snacks, and drinks
Employee referral bonus program
Maternity and paternity plans