Manager, Security Engineering, Incident Response

Manager, Security Engineering, Incident Response

The Incident Response team's mission is to respond to security threats, incidents, and investigations to protect our customers, employees, and enterprise data in a fast, efficient, and standardized manner. We're a tight-knit team of security analysts and incident responders located globally doing "Security for Databricks on Databricks", using our own platform to create near-real-time log analytics, alerting, and forensics.

We’re looking for a talented Security Engineering Manager who can bring their domain expertise and experience in managing a team of incident responders, lead complex investigation and impact analysis, develop new forensic capabilities and tools, improve security operations efficiency through automation with SIEM and SOAR platforms. The position reports to Sr Mgr, Incident Response and it may include up to 50% of technical hands-on work as needed.

The ideal candidate is someone who can lead the team during investigations well even under pressure, engage with various stakeholders, communicate findings and investigations results to leadership, proactively build large scale projects for automation & improvements for faster incident response and provide timely and actionable feedback to their team to continue raising the bar for Security at Databricks.

The impact you will have:

• Grow and develop the team reflecting the culture of Databricks culture principles as applied to their team, including in difficult situations. This also includes, but is not limited to, performance management and timely and actionable feedback, with minimal attrition.
• Timely achieve IR targets (OKRs, KPIs and initiatives) that improve our capabilities to respond and remediate security events faster. This will also require making effective priority decisions on resourcing and alignment within the team.
• Maintain strong partnership with Detection & Response leadership and other teams in Security Org and Databricks (e.g. Engineering and IT)
• Review and architect scalable and organized frameworks for security automation and orchestration and pre-investigation analysis and triage of alerts from various sources like detection pipelines, exploitable vulnerabilities and reports.
• Perform crisis management using the Incident Management System (IMS). You will lead investigations, engage with various stakeholders as necessary and communicate investigations to leadership and drive towards incident resolution.
• Respond rapidly to new incidents as part of a distributed daytime operations and on-call schedule.

What we look for:

• 7+ years of Security experience overall with a broad knowledge across the Security domain, demonstrating strong understanding of cybersecurity principles, technologies, and attack vectors, especially in Cloud Security (proficient at least in one major cloud vendor among AWS, Azure, and GCP).
• 5+ years of Incident Response experience with expertise in Incident Management and Incident Response tool development. Experience with security incident and event management (SIEM) tools, intrusion detection/prevention systems (IDS/IPS), endpoint detection and response (EDR) solutions, and forensic analysis tools.
• 0-2 years of prior management experience or equivalent (demonstrated work leading teams of incident responders or security experts)
• Strong analytical and problem-solving abilities, with the ability to analyze complex security incidents and identify effective response strategies.
• Ability to work effectively in a fast-paced, dynamic environment and manage competing priorities.
• Ability to provide leadership and guidance to a team and to inspire and motivate their team and those around them.
• Proven ability to interview and consistently make high-quality hiring decisions quickly.

About Databricks

Databricks is the data and AI company. More than 10,000 organizations worldwide — including Comcast, Condé Nast, Grammarly, and over 50% of the Fortune 500 — rely on the Databricks Data Intelligence Platform to unify and democratize data, analytics, and AI. Databricks is headquartered in San Francisco, with offices around the globe and was founded by the original creators of Lakehouse, Apache Spark™, Delta Lake, and MLflow.

Our Commitment to Diversity and Inclusion

At Databricks, we are committed to fostering a diverse and inclusive culture where everyone can excel. We take great care to ensure that our hiring practices are inclusive and meet equal employment opportunity standards. Individuals looking for employment at Databricks are considered without regard to age, color, disability, ethnicity, family or marital status, gender identity or expression, language, national origin, physical and mental ability, political affiliation, race, religion, sexual orientation, socio-economic status, veteran status, and other protected characteristics.

Compliance

If access to export-controlled technology or source code is required for performance of job duties, it is within Employer's discretion whether to apply for a U.S. government license for such positions, and Employer may decline to proceed with an applicant on this basis alone.