Sr. Staff Product Security Engineer

3 weeks ago

Bengaluru, India Databricks Full time

RDQ226R536

About the Team

The Product Security Team at Databricks is responsible for embedding security throughout the Software Development Lifecycle (SDLC). Our mission is to left-shift security—ensuring that all code, whether powering customer-facing features or supporting internal infrastructure, is developed with security in mind from the start. By reducing the likelihood of introducing vulnerabilities and minimizing the impact of externally reported issues, we safeguard Databricks’ products and services at scale.

Role Overview

As a Product Security Engineer , you will play a key role in securing the features and infrastructure that power Databricks. You will partner closely with engineering teams across the organization to design secure systems, conduct security reviews, and enable scalable, repeatable secure development practices through automation, paved pathways, and guardrails.

You’ll support the full spectrum of security within the SDLC—from architecture and threat modeling through secure coding, pentesting, and deployment. In addition, you will contribute to incident and vulnerability response efforts and help scale our security influence through tools, frameworks, and processes that support both engineers and compliance needs.

Responsibilities

Partner with product and engineering teams to design secure systems , identify risks early, and guide the development of robust solutions Conduct comprehensive security reviews including threat modeling, design analysis, manual code reviews, and exploit development to validate potential weaknesses Design and build guardrails that prevent common security mistakes and ensure consistent, enforceable policies across services Develop and maintain paved pathways —secure-by-default development patterns, frameworks, and tools that enable engineering teams to build securely without friction Triage and analyze findings from Static Application Security Testing (SAST) tools, distinguishing false positives from genuine issues and performing variant analysis to identify similar vulnerabilities across the codebase. Operate and evolve Dynamic Application Security Testing (DAST) tooling and automation to support vulnerability detection and defect tracking Support incident response (IR) and vulnerability response (VRP) workflows as needed, partnering with internal teams to investigate and remediate security events Enhance internal security automation frameworks and integrations to meet evolving compliance and regulatory requirements (e.g., FedRAMP, PCI, HIPAA) Contribute to the continuous improvement of SDLC-integrated security processes, with a focus on risk-based prioritization, real-world impact, and the implementation of AI-assisted tooling to enhance efficiency, accuracy, and scalability.


What we look for

10+ years of experience in product or application security, with deep expertise in securing large-scale, distributed systems Extensive experience influencing architectural decisions, embedding security-by-design principles, and aligning security goals with business objectives Proven leadership in cross-functional initiatives, including incident response, security reviews, and risk management at scale Recognized mentor and technical leader, enabling the growth of security-minded culture through coaching, training, and collaboration Thought leader in emerging security technologies and practices, including the integration of AI/ML to scale security operations and tooling Expertise in at least two of the following domains: Ability to read code and identify security defects in two or more programming languages (e.g., Python, Java, Scala, JavaScript ) Hands-on experience with exploit development , proof-of-concept creation, or exploit chaining Strong automation skills for building security tools and processes using AI-agents (think Cursor, Goose, VSCode, etc) Familiarity with fuzzing techniques is a plus Pragmatic approach to security—prioritizing risk management over theoretical severity Other good to have credentials

  • Staff Engineer – Product Security

    5 days ago

    Bengaluru, India Whatjobs IN C2 Full time

    Job Title: Staff Engineer – Product Security Location: Bangalore, India Who We Are: For enterprises struggling to secure cloud workloads, Aviatrix® offers a single solution for pervasive cloud security. Where current cybersecurity approaches focus on securing entry points to a trusted space, Aviatrix Cloud Native Security Fabric (CNSF) delivers runtime...

  • Staff engineer

    3 weeks ago

    Bengaluru, India Aviatrix Full time

    Job Title: Staff Engineer – Product Security Location: Bangalore, IndiaWho We Are:For enterprises struggling to secure cloud workloads, Aviatrix® offers a single solution for pervasive cloud security. Where current cybersecurity approaches focus on securing entry points to a trusted space, Aviatrix Cloud Native Security Fabric (CNSF) delivers runtime...

  • Staff Engineer – Product Security

    4 days ago

    Bengaluru, India Aviatrix Full time

    Job Title: Staff Engineer – Product SecurityLocation: Bangalore, IndiaWho We Are:For enterprises struggling to secure cloud workloads, Aviatrix® offers a single solution for pervasive cloud security. Where current cybersecurity approaches focus on securing entry points to a trusted space, Aviatrix Cloud Native Security Fabric (CNSF) delivers runtime...

  • Staff Engineer – Product Security

    3 days ago

    Bengaluru, India Aviatrix Full time

    Job Title: Staff Engineer – Product SecurityLocation: Bangalore, IndiaWho We Are:For enterprises struggling to secure cloud workloads, Aviatrix® offers a single solution for pervasive cloud security. Where current cybersecurity approaches focus on securing entry points to a trusted space, Aviatrix Cloud Native Security Fabric (CNSF) delivers runtime...

  • Staff Engineer – Product Security

    4 weeks ago

    Bengaluru, India Aviatrix Full time

    Job Title: Staff Engineer – Product Security Location: Bangalore, India Who We Are: For enterprises struggling to secure cloud workloads, Aviatrix® offers a single solution for pervasive cloud security. Where current cybersecurity approaches focus on securing entry points to a trusted space, Aviatrix Cloud Native Security Fabric (CNSF) delivers...

  • Sr. Staff Engineer

    2 weeks ago

    Bengaluru, Karnataka, India Automation Anywhere Full time ₹ 20,00,000 - ₹ 25,00,000 per year

    About UsAutomation Anywhere is the leader in Agentic Process Automation (APA), transforming how work gets done with AI-powered automation. Its APA system, built on the industry's first Process Reasoning Engine (PRE) and specialized AI agents, combines process discovery, RPA, end-to-end orchestration, document processing, and analytics—all delivered with...

  • Sr. Staff Product Security Engineer

    3 weeks ago

    Bengaluru, India Databricks Full time

    RDQ226R536 About the Team The Product Security Team at Databricks is responsible for embedding security throughout the Software Development Lifecycle (SDLC). Our mission is to left-shift security—ensuring that all code, whether powering customer-facing features or supporting internal infrastructure, is developed with security in mind from the start....

  • Sr. Staff Product Engineer

    3 weeks ago

    Bengaluru, India Infineon Technologies Full time

    Job Description Sr. Staff Product Engineer with FE and BE yield improvements, Test time reduction activities, fab transfers, and fab / process qualifications. Job Description - In your new role you will: - Perform FA and sustaining engineering activities for ICW products(PSOC, Wi-Fi, and Blue Tooth devices). - Perform electrical Failure Analysis for PSOC and...

  • Staff Engineer

    6 days ago

    Bengaluru, Karnataka, India Rubrik Security Cloud Full time ₹ 12,00,000 - ₹ 36,00,000 per year

    Staff Engineer, Rubrik Security AppsBangalore, IndiaAbout Team:The Rubrik Security Apps team helps customers secure their data on the cloud, SaaS and on-prem. Data is growing at an ever growing pace and so are the risks with cyber attacks targeted towards cloud data. We make it easy for businesses to protect, search, analyze all of their data simply and...

  • Staff / Sr. Staff Engineer (DLP)

    3 weeks ago

    Bengaluru, India Netskope Full time

    About Netskope Today, there's more data and users outside the enterprise than inside, causing the network perimeter as we know it to dissolve. We realized a new perimeter was needed, one that is built in the cloud and follows and protects data wherever it goes, so we started Netskope to redefine Cloud, Network and Data Security.  Since 2012, we have...