Senior Product Security Engineer

Benefits

Parental leave

Not verified

Non-birth-parent leave

Not verified

Family-building benefits

• Fertility benefits: Not verified
• Adoption assistance: Not verified
• Surrogacy assistance: Not verified

Mental health support

Not verified

Relocation assistance

Not verified

Childcare support

Not verified

Learning budget

Not verified

Verification

Not verified

Salary

Not verified not verified - source not recorded; timestamp not recorded

401(k) match

Not verified

Was this benefit information wrong? Tell us.

Schedule

Shift type

Not verified

Weekend work

Not verified

Application

Cover letter

Not verified

Assessment

Not verified

Deadline

Not stated

Where they hire

State eligibility is not yet verified.

About this role

Senior Product Security Engineer United States RDQ326R24 - This role can be based remotely anywhere in the United States. The Product Security Team's mission is to Left-shift SDLC (Security Development Lifecycle) processes for ALL code written in Databricks (for Customer Use or Supporting Customer internally) to reduce the likelihood of introducing new vulnerabilities in production and minimize the count and effect of externally identified vulnerabilities on Databricks Services. You will be an individual contributor on the product security team at Databricks, managing SDLC functions for features and products within Databricks. This would include, but is not limited to, security design reviews, threat models, manual code reviews, exploit writing and exploit chain creation. You will also support IR and VRP programs when there is a vulnerability report or a product security incident. You will work with a global team, spread across various locations in the US and EMEA. The impact you will have: - Full SDLC Support for new product features being developed in ENG and non-ENG teams. This would include Threat Modeling, Design Review, Manual Code Review, Exploit writing, etc. - Work with other security teams to provide support for Incident Response and Vulnerability Response as and when needed. - Work with the results of SAST tools to help evaluate and identify false positives and file defects for real issues. - Work on DAST tools and related automation for auto-assessment and defect filing. - Maintain the automation framework and add new features as needed to support different security compliances that

Read the full description at databricks.com. FewerJobs shows a source-linked preview and links to the original posting.