Databricks is hiring a
Manager, Security Engineering

Summary

Join our team as a Security Engineering Manager and lead the Incident Response team in responding to security threats, incidents, and investigations. You will be responsible for managing a team of incident responders, leading complex investigations, developing new forensic capabilities, and improving security operations efficiency through automation.

Requirements

• 7+ years of Security experience overall with a broad knowledge across the Security domain, demonstrating strong understanding of cybersecurity principles, technologies, and attack vectors, especially in Cloud Security (proficient at least in one major cloud vendor among AWS, Azure and GCP)
• 5+ years of Incident Response experience with expertise in Incident Management and Incident Response tool development
• 0-2 years of prior management experience or equivalent (demonstrated work leading teams of incident responders or security experts)
• Strong analytical and problem-solving abilities, with the ability to analyze complex security incidents and identify effective response strategies
• Ability to work effectively in a fast-paced, dynamic environment and manage competing priorities
• Ability to provide leadership and guidance to a team and to inspire and motivate their team and those around them
• Proven ability to interview and consistently make high quality hiring decisions quickly

Responsibilities

• Grow and develop the team reflecting the culture of Databricks culture principles as applied to their team, including in difficult situations
• Timely achieve IR targets (OKRs, KPIs and initiatives) that improve our capabilities to respond and remediate security events faster
• Maintain strong partnership with Detection & Response leadership and other teams in Security Org and Databricks (e.g. Engineering and IT)
• Review and architect scalable and organized frameworks for security automation and orchestration and pre-investigation analysis and triage of alerts from various sources like detection pipelines, exploitable vulnerabilities and reports
• Perform crisis management using the Incident Management System (IMS). You will lead investigations, engage with various stakeholders as necessary and communicate investigations to leadership and drive towards incident resolution
• Respond rapidly to new incidents as part of a distributed daytime operations and on-call schedule