Senior Enterprise Security Engineer

Summary

Join a growing team at Databricks as a Sr. Enterprise Security engineer, leading enterprise security projects and promoting best practices. This critical role ensures the security of business systems and applications through design reviews, threat modeling, and data flow analysis. You will identify architectural weaknesses, assess attack vectors, and recommend mitigations. The ideal candidate possesses strong enterprise application security, risk assessment, and secure architecture expertise. You will provide guidance on implementing Databricks security policies and continuously improve security processes. Databricks offers comprehensive benefits and perks; details are available at https://www.mybenefitsnow.com/databricks.

Requirements

• Engineering Bachelor's Degree, or relevant experience
• Substantial demonstrated expertise as a Security Engineer with experience in Enterprise security
• Strong knowledge of threat modeling methodologies (e.g., STRIDE, DREAD, PASTA) and their application in real-world scenarios
• Significant experience with NIST 800-53 or similar frameworks

Responsibilities

• Conduct security design reviews for corporate applications and systems, identifying architectural weaknesses and security gaps
• Develop comprehensive threat models to assess attack vectors, vulnerabilities, and mitigations in our deployment and product interactions
• Analyze data flows to understand how sensitive data is stored, processed, and transmitted across applications and infrastructure
• Provide guidance on the implementation of Databricks security policies, standards, and frameworks aligned with industry best practices (e.g., NIST, ISO 27001, OWASP)
• Perform risk assessments and recommend appropriate mitigations to reduce the attack surface
• Continuously evaluate and improve security design review processes and tooling introducing automation where appropriate

Preferred Qualifications

• Experience with automating security reviews is desirable
• Expertise in offering perspective and guidance on an enterprise scale for public and internal services in a cloud-centric environment
• Skill and experience with Identity and Access Management (IAM) solutions such as Okta; Device Management solutions such as Jamf/Intune; tuning EDR (Crowdstrike/SentinelOne/similar) with complex engineering/development workloads; and Just In Time administrative access is desirable
• Familiarity with network access solutions (CASBs/Prisma/NAC) is advantageous
• A passion for working in high-growth environments