Urgent Sr. Product Security Engineer

3 weeks ago


Bengaluru India Databricks Full time

Job Description

RDQ326R107

About The Team

The Product Security Team at Databricks is responsible for embedding security throughout the Software Development Lifecycle (SDLC). Our mission is to left-shift securityensuring that all code, whether powering customer-facing features or supporting internal infrastructure, is developed with security in mind from the start. By reducing the likelihood of introducing vulnerabilities and minimizing the impact of externally reported issues, we safeguard Databricks products and services at scale.

Role Overview

As a Product Security Engineer, you will play a key role in securing the features and infrastructure that power Databricks. You will partner closely with engineering teams across the organization to design secure systems, conduct security reviews, and enable scalable, repeatable secure development practices through automation, paved pathways, and guardrails.

You'll support the full spectrum of security within the SDLCfrom architecture and threat modeling through secure coding, pentesting, and deployment. In addition, you will contribute to incident and vulnerability response efforts and help scale our security influence through tools, frameworks, and processes that support both engineers and compliance needs.

Responsibilities

- Partner with product and engineering teams to design secure systems, identify risks early, and guide the development of robust solutions
- Conduct comprehensive security reviews including threat modeling, design analysis, manual code reviews, and exploit development to validate potential weaknesses
- Design and build guardrails that prevent common security mistakes and ensure consistent, enforceable policies across services
- Develop and maintain paved pathwayssecure-by-default development patterns, frameworks, and tools that enable engineering teams to build securely without friction
- Triage and analyze findings from Static Application Security Testing (SAST) tools, distinguishing false positives from genuine issues and performing variant analysis to identify similar vulnerabilities across the codebase.
- Operate and evolve Dynamic Application Security Testing (DAST) tooling and automation to support vulnerability detection and defect tracking
- Support incident response (IR) and vulnerability response (VRP) workflows as needed, partnering with internal teams to investigate and remediate security events
- Enhance internal security automation frameworks and integrations to meet evolving compliance and regulatory requirements (e.g., FedRAMP, PCI, HIPAA)
- Contribute to the continuous improvement of SDLC-integrated security processes, with a focus on risk-based prioritization, real-world impact, and the implementation of AI-assisted tooling to enhance efficiency, accuracy, and scalability.

What We Look For

- 35 years of experience in product or application security
- Proficiency in threat modeling and identifying design flaws using architecture diagrams and data flow models
- Experience conducting security assessments, code reviews, and partnering with engineering teams to remediate vulnerabilities
- Ability to independently lead security reviews for medium- to large-scale features or systems
- Collaborates effectively with cross-functional teams to integrate security practices into the SDLC and improve developer security awareness
- Expertise in at least two of the following domains:
- Ability to read code and identify security defects in two or more programming languages (e.g., Python, Java, Scala, JavaScript)
- Hands-on experience with exploit development, proof-of-concept creation, or exploit chaining
- Strong automation skills for building security tools and processes using AI-agents (think Cursor, Goose, VSCode, etc)
- Familiarity with fuzzing techniques is a plus
- Pragmatic approach to securityprioritizing risk management over theoretical severity
- Other good to have credentials

About Databricks

Databricks is the data and AI company. More than 10,000 organizations worldwide including Comcast, Cond Nast, Grammarly, and over 50% of the Fortune 500 rely on the Databricks Data Intelligence Platform to unify and democratize data, analytics and AI. Databricks is headquartered in San Francisco, with offices around the globe and was founded by the original creators of Lakehouse, Apache Spark, Delta Lake and MLflow. To learn more, follow Databricks on Twitter, LinkedIn and Facebook.

Benefits

At Databricks, we strive to provide comprehensive benefits and perks that meet the needs of all of our employees. For specific details on the benefits offered in your region, please visit https://www.mybenefitsnow.com/databricks.

Our Commitment to Diversity and Inclusion

At Databricks, we are committed to fostering a diverse and inclusive culture where everyone can excel. We take great care to ensure that our hiring practices are inclusive and meet equal employment opportunity standards. Individuals looking for employment at Databricks are considered without regard to age, color, disability, ethnicity, family or marital status, gender identity or expression, language, national origin, physical and mental ability, political affiliation, race, religion, sexual orientation, socio-economic status, veteran status, and other protected characteristics.

Compliance

If access to export-controlled technology or source code is required for performance of job duties, it is within Employer's discretion whether to apply for a U.S. government license for such positions, and Employer may decline to proceed with an applicant on this basis alone.



  • Delhi, India TAC Security Full time

    Job Description Job Description As a Security Engineer VAPT, you will be responsible for conducting comprehensive security assessments, identifying vulnerabilities, and implementing effective remediation strategies. Leveraging your expertise in penetration testing and ethical hacking, you will play a key role in enhancing the security posture of our clients...


  • Bengaluru, India FICO Full time

    Job Description FICO (NYSE: FICO) is a leading global analytics software company, helping businesses in 100+ countries make better decisions. Join our world-class team today and fulfill your career potential! The Opportunity As a Product Security Engineer II in Cyber Security, you will be supporting security governance for a wide set of customer-facing...

  • Security Engineer

    2 weeks ago


    india Altered Security Full time

    We are looking for Security Engineers with following qualities to join our team at Altered Security:- Passionate about information security. - Ability to solve challenges. - Interest in new attack vectors and creating challenges. - Demonstrated experience in Windows and Active Directory security. - If you hold CRTP certification, it is a plus.Who should...

  • Security Engineer

    2 weeks ago


    india Altered Security Full time

    We are looking forSecurity Engineerswith following qualities to join our team at Altered Security:Passionate about information security. Ability to solve challenges. Interest in new attack vectors and creating challenges. Demonstrated experience in Windows and Active Directory security. If you hold CRTP certification, it is a plus.Who should apply:Very good...


  • India Vista Applied Solutions Group Inc Full time

    Hiring Sr Cyber Security Engineer | Long Term Contract | Remote Job Title: Sr Cyber Security Engineer – Product Security Location: Mostly Indian business hours, some cross over with US and EU teams Duration: Long Term Contract Remote About the Role We are seeking a Senior Cyber Security Engineer to lead efforts in securing our products...


  • Bengaluru, India Xperi Inc. Full time

    Job Description Xperi invents, develops and delivers technologies that create extraordinary experiences at home and on the go for millions of people around the world. Powering billions of consumer electronics, connected cars and digital content titles, we make entertainment more immersive, driving more intelligent and every interaction seamlessly...


  • Bengaluru, India Ecolab Global Services Full time

    Job Description Senior Security Engineer Product Security Experience:6-8 Years Department:Information Security Employment Type:Full-Time Overview Ecolabs Information Security team is seeking a Senior Security Engineer with strong expertise in Product Security to lead and enhance secure software development practices across the organization. This role focuses...

  • Sr Security Engineer

    2 weeks ago


    Bengaluru, India Ecolab Full time

    Job Description Job Position Senior Security Engineer Product Security Location: Bangalore, Karnataka Experience: 68 Years Department: Information Security Employment Type: Full-Time Overview Ecolab's Information Security team is seeking a Senior Security Engineer with strong expertise in Product Security to lead and enhance secure software development...


  • Bengaluru, Karnataka, India Motive Full time ₹ 12,00,000 - ₹ 36,00,000 per year

    Who we are:Motive empowers the people who run physical operations with tools to make their work safer, more productive, and more profitable. For the first time ever, safety, operations and finance teams can manage their drivers, vehicles, equipment, and fleet related spend in a single system. Combined with industry leading AI, the Motive platform gives you...


  • Bengaluru, Karnataka, India, Karnataka FICO Full time

    FICO (NYSE: FICO) is a leading global analytics software company, helping businesses in 100+ countries make better decisions. Join our world-class team today and fulfill your career potential!The Opportunity"As a Product Security Engineer II in Cyber Security, you will be supporting security governance for a wide set of customer-facing products and services...