Sr. Security Incident Handler
In order to comply with U.S. Government information security and federal contractor regulations, including Department of Defense Cloud Computing Security Requirements for Impact Level 6 Cloud Service Provider personnel, and facilitate compliance with other regulations such as FedRAMP High baseline, and requirements of certain federal contracts, this role is open to United States citizens on United States Soil only.
This role is open to remote candidates in any US Location.
We are looking for experienced Incident Handlers with cross functional skills, domain expertise and communication skills. Our mission is to respond to security threats, incidents and investigations to protect our customers, employees and enterprise data in a fast, efficient and standardized manner. You will report to the Head of Incident Response in the Security Org. You will be responsible for leading incidents, investigations and security initiatives from postmortems in the AMER timezone. You will be a security multiplier and help the team improve security incident handling at Databricks.
The impact you will have:
- You will lead investigations, engage with different stakeholders and communicate investigations to leadership and lead towards incident resolution.
- Respond to new incidents as part of a distributed daytime operations and on-call schedule.
- Handle SEV-1s independently, potentially also scoped SEV-0 with some support.
- You can guide investigations with multiple teams across multiple organizations, to gain traction and tradeoff to resolve issues.
- You can handle incomplete incident context, and choose best solutions with limited or incomplete information.
- Partner and build relationships with Engineering and Security teams to contain and mitigate risks during incidents
- Lead blameless incident postmortems and identify root causes, including systemic issues.
- Identify, get commitment for, and follow up on projects identified in the postmortem process.
What we look for:
- Strong oral and written communication skills, customer centric attitude and ability to work in a culturally diverse environment.
- 5+ years of experience in Incident Management Systems or certifications like CISM,GSEC, CISSP or PMP.
- Program management skills, including prioritization and dealing with ambiguous requirements. You have experience to balance short term/ tactical follow ups and track long term improvements across multiple teams.
- Experience with technical concepts of cloud security, data ecosystem and the Incident Response process lifecycle.
- Understand industry wide security terms and models : NIST,ISO/IEC 27001, OWASP, MITRE ATT&CK for Cloud Enterprise.
- Proven ability to build relationships and propel momentum with clients and stakeholders
- Comprehensive health coverage including medical, dental, and vision
- 401(k) Plan Equity awards
- Flexible time off
- Paid parental leave
- Family Planning
- Gym reimbursement
- Annual personal development fund Employee Assistance Program (EAP)
Pay Range Transparency
Databricks is committed to fair and equitable compensation practices. The pay range(s) for this role is listed below and represents base salary range for non-commissionable roles or on-target earnings for commissionable roles. Actual compensation packages are based on several factors that are unique to each candidate, including but not limited to job-related skills, depth of experience, relevant certifications and training, and specific work location. Based on the factors above, Databricks utilizes the full width of the range. The total compensation package for this position may also include eligibility for annual performance bonus, equity, and the benefits listed above. For more information regarding which range your location is in visit our page here.
Databricks is the data and AI company. More than 9,000 organizations worldwide — including Comcast, Condé Nast, and over 50% of the Fortune 500 — rely on the Databricks Lakehouse Platform to unify their data, analytics and AI. Databricks is headquartered in San Francisco, with offices around the globe. Founded by the original creators of Apache Spark™, Delta Lake and MLflow, Databricks is on a mission to help data teams solve the world’s toughest problems. To learn more, follow Databricks on Twitter, LinkedIn and Facebook.
Our Commitment to Diversity and Inclusion
At Databricks, we are committed to fostering a diverse and inclusive culture where everyone can excel. We take great care to ensure that our hiring practices are inclusive and meet equal employment opportunity standards. Individuals looking for employment at Databricks are considered without regard to age, color, disability, ethnicity, family or marital status, gender identity or expression, language, national origin, physical and mental ability, political affiliation, race, religion, sexual orientation, socio-economic status, veteran status, and other protected characteristics.
If access to export-controlled technology or source code is required for performance of job duties, it is within Employer's discretion whether to apply for a U.S. government license for such positions, and Employer may decline to proceed with an applicant on this basis alone.