Databricks is the data and AI company. More than 10,000 organizations worldwide — including Comcast, Condé Nast, Grammarly, and over 50% of the Fortune 500 — rely on the Databricks Data Intelligence Platform to unify and democratize data, analytics and AI. Databricks is headquartered in San Francisco, with offices around the globe and was founded by the original creators of Lakehouse, Apache Spark™, Delta Lake and MLflow.
Senior Enterprise Security Engineer
Location
California
Posted
68 days ago
Salary
0
Seniority
Senior
Job Description
Senior Enterprise Security Engineer
Databricks
• Databricks is hiring an L5 Enterprise Security Engineer to expand Enterprise Security coverage across a rapidly evolving enterprise environment. • This role will focus on securing enterprise applications, cross-system integrations, data flows, and emerging AI-adjacent use cases. • The scope includes modern access patterns such as MCP, integration, and trust boundary security, and broader security engineering support across enterprise platforms and services. • This engineer will help identify risk, define practical security requirements, and improve security outcomes through strong technical judgment and cross-functional partnership. • This role sits at the intersection of enterprise architecture, security engineering, and business enablement. • The engineer will review new technologies, integrations, and workflows with an emphasis on secure design, authentication and authorization, data handling, logging, third-party connectivity, API and token security, and operational resilience. • The role partners closely with IT, Engineering, Legal, Privacy, Procurement, and business stakeholders to surface risk early, set clear requirements, and support scalable adoption of secure patterns. • This is a strong opportunity to help shape how Enterprise Security supports SaaS, internal platforms, automation, and AI-connected systems as the environment continues to grow in complexity.
Job Requirements
- 7+ years of experience in security engineering, enterprise security, application security, cloud security, or a related field.
- Experience conducting security design or architecture reviews for enterprise applications, SaaS platforms, integrations, or internally developed systems.
- Strong understanding of authentication, authorization, SSO, federation, SCIM, API security, token handling, secrets management, and least privilege design
- Experience assessing data flows, third-party integrations, trust boundaries, logging and monitoring, and security controls across interconnected systems.
- Ability to evaluate risk in modern enterprise environments, including automation platforms, AI-adjacent workflows, and emerging integration patterns such as MCP.
- Strong written and verbal communication skills, including the ability to translate technical risk into clear requirements and actionable guidance.
- Experience driving security outcomes through engineering judgment, influence, and scalable process improvement.
- Familiarity with cloud platforms, enterprise identity systems, and core control domains such as audit logging, encryption, access control, data retention, and incident response.
Benefits
- At Databricks, we strive to provide comprehensive benefits and perks that meet the needs of all of our employees. For specific details on the benefits offered in your region, please visit https://www.mybenefitsnow.com/databricks.
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
• Own CMMC L2 certification and FedRAMP High authorization efforts end-to-end, including gap analysis, remediation tracking, evidence collection, and assessment coordination. • Maintain compliance with DFARS cybersecurity clauses (7012, 7019, 7020), ITAR, EAR and other federal requirements; manage SPRS score and supplier requirements. • Develop and maintain System Security Plans, POA&Ms, policies, procedures, and supporting artifacts across all compliance frameworks. • Serve as primary point of contact for C3PAO/3PAO assessors, government customers, prime contractors, and agency authorizing officials. • Manage continuous monitoring activities including vulnerability scanning, access reviews, evidence collection, and monthly/annual reporting. • Monitor regulatory changes across CMMC, FedRAMP, NIST 800-171/800-53, DFARS, and ITAR; assess impact and drive necessary updates. • Implement security controls hands-on, including identity and access management, logging, encryption, and endpoint security. • Harden cloud infrastructure in GCP, AWS, implementing security configurations and access controls aligned with compliance requirements. • Build automation and tooling for evidence collection and compliance reporting; integrate security into CI/CD pipelines. • Define, document, and enforce CUI boundaries and enclave architecture. • Translate compliance requirements into actionable technical guidance for engineering teams. • Support customer security assessments, due diligence requests, and contract security requirements.
Physical Security Designer, Estimator
Wachter, Inc.Wachter enables business transformation by solving complex challenges to keep your organization successful.
• Assist the Systems Engineering and Sales Departments in developing technical Solutions that meet customer requirements. • Maintain current knowledge of the equipment and technologies he/she supports by attending training provided by the manufacturer. • The ability to read and understand RFPs, technical drawings, and technical requirements for IT-focused projects. • A good methodical approach to tasks, ability, and interests to learn new technologies. • Will be required to continue to learn new physical security solutions (Video surveillance and access control) and as a plus an understanding of electrical limitations with respect to physical security. • Self-motivated, able to meet deadlines and maintain quality of work under pressure.
Senior Security Engineer – Automations, Appsec Product Security
XepelinPlataforma de soluciones financieras para toda empresa.
• Diseñar, desarrollar y mantener herramientas internas/servicios de seguridad enfocados en automatización de procesos como vulnerability management, gestión de identidades, attack surface atumatic detection, security assessments, gestión de riesgos, etc. • Construir APIs y microservicios (principalmente backend) eficientes, seguros y escalables, utilizando Python (FastAPI o Flask), desplegados en entornos cloud y K8s. Conocimiento de Go será un plus. • Co-construir con los distintos sub-equipos de Cybersecurity y Platform steps en pipelines CI/CD enfocados 100% en el controles de seguridad. • Gestión de Vulnerabilidades y Respuesta • Pentesting Interno: Realizar pruebas de penetración profundas en aplicaciones web, móviles y APIs. • Triage y Priorización: Decidir qué se arregla primero basándose en el riesgo real del negocio, no solo en la puntuación CVSS. • Bug Bounty: Gestionar la relación con investigadores externos y validar los reportes entrantes. • Participar en el diseño y mejora continua de herramientas como SAST, pentesting automatizado. • Aportar una mirada de developer rigurosa a los estándares de codificación segura y calidad técnica del equipo. Tener experiencia en code review es un plus.
Security Engineer – Product & Production Infrastructure
WizSecure everything you build and run in the cloud
• Lead threat modeling and security review exercises across Wiz’s production and CI/CD environments – identifying and mitigating risks in our products and the cloud services that support them. • Drive vulnerability management and remediation efforts – prioritizing issues, implementing mitigations, and designing strategic preventative controls. • Extend our detection and response capabilities – building scalable solutions to identify malicious activity, triage alerts, and investigate and remediate incidents. • Build deep functional partnerships with Wiz’s engineering and operations teams – helping them deliver secure-by-design solutions.
