DatabricksRemote
Sr. Staff Security Engineer, Incident Response
United States of America
Full Time
4 hours ago
$229,000 - $315,000 USD
No H1B
Key skills
Incident ResponseIncident ManagementThreat IntelligenceCloud SecurityAWSAzureGCPDigital ForensicsNetwork ForensicsApplication/Log AnalysisHost/Disk ForensicsMemory ForensicsMalware AnalysisCloud ForensicsEndpoint ForensicsEnterprise SecurityMacOS SecuritySIEMSOAREDRForensic Analysis ToolsSecurity AutomationSecurity OrchestrationAI in SecurityEmpathyMentorshipAIDatabricksCommunication
About this role
Databricks is seeking a strategic Sr. Staff Security Engineer, Incident Response to join their Incident Response team. This role involves developing technology strategies, leading investigations, and enhancing security operations to protect enterprise data and improve the company's security posture.
Responsibilities:
- Drive or influence the organization’s direction and roadmap, leading internal conversations about major technology areas and inspiring adoption
- Lead complex investigations and impact analysis, performing crisis management using the Incident Management System (IMS)
- Exhibit expert knowledge in all cloud vendors used by Databricks (AWS, Azure, GCP), deeply understanding the entire architecture of major business components and articulating their security and risk limits
- Drive the establishment of a cutting-edge threat detection and response program, significantly reducing Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR) to security incidents
- Architect scalable and organized frameworks for security automation and orchestration, including pre-investigation analysis and triage of alerts
- Demonstrate the ability to fix difficult and company-impactful problems wherever they lie, even if outside your comfort zone
- Serve as a role model and mentor to every technical member of the team
- Identify areas where Databricks can share effectively with the outside world, guiding content creation and communication via presentations and blogs
- Work across departments, integrating security practices into various aspects of the organization and product development lifecycle
Requirements:
- Typically 12+ years of experience in security, with a strong focus on incident response, detection, and/or threat intelligence, or an advanced degree with 8+ years of experience
- Deep expertise in Incident Management and Incident Response tool development
- Demonstrates knowledge of Azure and AWS cloud concepts
- Expertise in analyzing logs, correlating available log sources to conclude an attack scenario, and identifying logging gaps to suggest best configurations for IR needs
- Ability to function as an architect of cloud deployment and map cloud environment fundamentals to other major providers
- Highly skilled in multiple areas of digital forensics (e.g., Network, Application/Log Analysis, Host/Disk, Memory Forensics/Malware Analysis, Cloud Forensics, Endpoint Forensics)
- Detailed understanding of enterprise security incidents and in-depth knowledge of malware on endpoints
- Expert understanding of MacOS security posture and architecture
- Proficient with SIEM and SOAR platforms, EDR solutions, and forensic analysis tools
- Skilled in leveraging AI and automation technologies to enhance security operations and threat detection capabilities
- Exceptional ability to engage in difficult conversations, handle them appropriately, and exhibit empathy and emotional intelligence
- Proven capability to build, mentor, and lead high-performing cybersecurity teams, fostering a culture of excellence and continuous improvement
- Strong communication of technical decisions through design docs and tech talks
- A history of proactively identifying and solving issues that impact the team and company
- Demonstrates a strong desire to help peers and collaborate effectively
- Able to push back or say no to unreasonable stakeholder requests in a professional and constructive manner
- U.S. citizenship is required