Product Security Engineer

September 4

Apply Now

Receive Emails with Similar Jobs

Databricks

WebsiteLinkedInAll Job Openings

Artificial Intelligence • Enterprise • SaaS

Databricks is a data and AI company that provides a unified platform for data engineering, machine learning, and analytics. It focuses on optimizing big data processing and helps organizations leverage Apache Spark to deliver deeper insights and powerful data-driven applications. Databricks also offers robust tools and seamless integration for machine learning operations.

1001 - 5000 employees

Founded 2013

🤖 Artificial Intelligence

🏢 Enterprise

☁️ SaaS

💰 $1.6G Series H on 2021-08

📋 Description

• Left-shift SDLC (Security Development Lifecycle) processes for ALL code written in Databricks to reduce the likelihood of introducing new vulnerabilities. • Individual contributor managing SDLC functions: security design reviews, threat models, manual code reviews, exploit writing and exploit chain creation. • Support Incident Response (IR) and Vulnerability Response (VRP) programs when there is a vulnerability report or a product security incident. • Work with other security teams to provide support for Incident Response and Vulnerability Response as needed. • Work with the results of SAST tools to evaluate and identify false positives and file defects for real issues. • Work on DAST tools and related automation for auto-assessment and defect filing. • Maintain the automation framework and add new features to support security compliances (FedRamp, PCI, HIPPA, etc.). • Prioritize security from a risk management perspective and help develop and implement security processes to improve productivity.

🎯 Requirements

• 2-4 years Experience with the Threat Modeling process and ability to find design problems based on a block diagram of data flow. • Understanding on at least two of the following domains - Web Security, Cloud Security, Systems Security and Applied Cryptography. • Proficient with one or more of Programming languages ( Python/Java/Scala/JavaScript) and ability to read code to identify security defects. • Skilled in scripting and automation on exploits • Fuzzing skills are good to have. • Exploit writing skills is a positive and greatly required. • This role can be based remotely anywhere in the United States.

🏖️ Benefits

• Eligibility for annual performance bonus • Equity • Comprehensive benefits and perks that meet the needs of all of our employees (see https://www.mybenefitsnow.com/databricks)