
Urgent Sr. Product Security Engineer
2 days ago
Job Description
RDQ326R107
About The Team
The Product Security Team at Databricks is responsible for embedding security throughout the Software Development Lifecycle (SDLC). Our mission is to left-shift securityensuring that all code, whether powering customer-facing features or supporting internal infrastructure, is developed with security in mind from the start. By reducing the likelihood of introducing vulnerabilities and minimizing the impact of externally reported issues, we safeguard Databricks products and services at scale.
Role Overview
As a Product Security Engineer, you will play a key role in securing the features and infrastructure that power Databricks. You will partner closely with engineering teams across the organization to design secure systems, conduct security reviews, and enable scalable, repeatable secure development practices through automation, paved pathways, and guardrails.
You'll support the full spectrum of security within the SDLCfrom architecture and threat modeling through secure coding, pentesting, and deployment. In addition, you will contribute to incident and vulnerability response efforts and help scale our security influence through tools, frameworks, and processes that support both engineers and compliance needs.
Responsibilities
- Partner with product and engineering teams to design secure systems, identify risks early, and guide the development of robust solutions
- Conduct comprehensive security reviews including threat modeling, design analysis, manual code reviews, and exploit development to validate potential weaknesses
- Design and build guardrails that prevent common security mistakes and ensure consistent, enforceable policies across services
- Develop and maintain paved pathwayssecure-by-default development patterns, frameworks, and tools that enable engineering teams to build securely without friction
- Triage and analyze findings from Static Application Security Testing (SAST) tools, distinguishing false positives from genuine issues and performing variant analysis to identify similar vulnerabilities across the codebase.
- Operate and evolve Dynamic Application Security Testing (DAST) tooling and automation to support vulnerability detection and defect tracking
- Support incident response (IR) and vulnerability response (VRP) workflows as needed, partnering with internal teams to investigate and remediate security events
- Enhance internal security automation frameworks and integrations to meet evolving compliance and regulatory requirements (e.g., FedRAMP, PCI, HIPAA)
- Contribute to the continuous improvement of SDLC-integrated security processes, with a focus on risk-based prioritization, real-world impact, and the implementation of AI-assisted tooling to enhance efficiency, accuracy, and scalability.
What We Look For
- 35 years of experience in product or application security
- Proficiency in threat modeling and identifying design flaws using architecture diagrams and data flow models
- Experience conducting security assessments, code reviews, and partnering with engineering teams to remediate vulnerabilities
- Ability to independently lead security reviews for medium- to large-scale features or systems
- Collaborates effectively with cross-functional teams to integrate security practices into the SDLC and improve developer security awareness
- Expertise in at least two of the following domains:
- Ability to read code and identify security defects in two or more programming languages (e.g., Python, Java, Scala, JavaScript)
- Hands-on experience with exploit development, proof-of-concept creation, or exploit chaining
- Strong automation skills for building security tools and processes using AI-agents (think Cursor, Goose, VSCode, etc)
- Familiarity with fuzzing techniques is a plus
- Pragmatic approach to securityprioritizing risk management over theoretical severity
- Other good to have credentials
About Databricks
Databricks is the data and AI company. More than 10,000 organizations worldwide including Comcast, Cond Nast, Grammarly, and over 50% of the Fortune 500 rely on the Databricks Data Intelligence Platform to unify and democratize data, analytics and AI. Databricks is headquartered in San Francisco, with offices around the globe and was founded by the original creators of Lakehouse, Apache Spark, Delta Lake and MLflow. To learn more, follow Databricks on Twitter, LinkedIn and Facebook.
Benefits
At Databricks, we strive to provide comprehensive benefits and perks that meet the needs of all of our employees. For specific details on the benefits offered in your region, please visit https://www.mybenefitsnow.com/databricks.
Our Commitment to Diversity and Inclusion
At Databricks, we are committed to fostering a diverse and inclusive culture where everyone can excel. We take great care to ensure that our hiring practices are inclusive and meet equal employment opportunity standards. Individuals looking for employment at Databricks are considered without regard to age, color, disability, ethnicity, family or marital status, gender identity or expression, language, national origin, physical and mental ability, political affiliation, race, religion, sexual orientation, socio-economic status, veteran status, and other protected characteristics.
Compliance
If access to export-controlled technology or source code is required for performance of job duties, it is within Employer's discretion whether to apply for a U.S. government license for such positions, and Employer may decline to proceed with an applicant on this basis alone.
-
Sr. Cloud Security Engineer
3 days ago
Bengaluru, Karnataka, India Iitjobs Inc. Full time ₹ 2,40,000 per yearGreetingsWe have an urgent opening Sr. Cloud Security Engineer- AWS, Azure, GCP - RemoteRole:- Cloud Security EngineerLocation- RemoteDuration: Long term ContractualBudget: 24 LPAShift: Rotational Shift( 9am - 6pm, 12pm -9pm, 6pm-3am)Immediate to 15 days JoinerJD:Proven hands-on experience with security features and policy enforcement in Azure, AWS, and...
-
Cyber security engineer
1 week ago
India Vista Applied Solutions Group Inc Full timeHiring Sr Cyber Security Engineer | Long Term Contract | Remote Job Title: Sr Cyber Security Engineer – Product Security Location: Mostly Indian business hours, some cross over with US and EU teams Duration: Long Term Contract Remote About the Role We are seeking a Senior Cyber Security Engineer to lead efforts in securing our products and...
-
Cyber Security Engineer
1 week ago
India Vista Applied Solutions Group Inc Full timeHiring Sr Cyber Security Engineer | Long Term Contract | Remote Job Title: Sr Cyber Security Engineer – Product Security Location: Mostly Indian business hours, some cross over with US and EU teams Duration: Long Term Contract Remote About the Role We are seeking a Senior Cyber Security Engineer to lead efforts in securing our products and...
-
Cyber Security Engineer
1 week ago
India Vista Applied Solutions Group Inc Full timeHiring Sr Cyber Security Engineer | Long Term Contract | Remote Job Title: Sr Cyber Security Engineer – Product Security Location: Mostly Indian business hours, some cross over with US and EU teams Duration: Long Term Contract Remote About the Role We are seeking a Senior Cyber Security Engineer to lead efforts in securing our products...
-
Security Engineer
2 weeks ago
india Altered Security Full timeWe are looking for talentedSecurity Engineersto join our team!Altered Security is an information security startup with focus on edtech, hands-on learning and focused security assessments. It has offices in India and Singapore.We are experts in information security training, cyber ranges, online labs and security assessments. We have trained more than 40000+...
-
Sr Engineer- Product Security
7 days ago
Bengaluru, India Xperi Inc. Full timeJob Description Xperi invents, develops and delivers technologies that create extraordinary experiences at home and on the go for millions of people around the world. Powering billions of consumer electronics, connected cars and digital content titles, we make entertainment more immersive, driving more intelligent and every interaction seamlessly...
-
Cyber Security Engineer
1 week ago
India Vista Applied Solutions Group Inc Full timeHiring Sr Cyber Security Engineer | Long Term Contract | RemoteJob Title: Sr Cyber Security Engineer – Product SecurityLocation: Mostly Indian business hours, some cross over with US and EU teams Duration: Long Term ContractRemoteAbout the RoleWe are seeking a Senior Cyber Security Engineer to lead efforts in securing our products and technologies. You'll...
-
Cyber Security Engineer
1 week ago
India Vista Applied Solutions Group Inc Full timeHiring Sr Cyber Security Engineer | Long Term Contract | Remote Job Title: Sr Cyber Security Engineer – Product Security Location: Mostly Indian business hours, some cross over with US and EU teams Duration: Long Term Contract Remote About the Role We are seeking a Senior Cyber Security Engineer to lead efforts in securing our products and...
-
Security Engineer
3 weeks ago
India Altered Security Full timeWe are looking for talentedSecurity Engineersto join our teamAltered Security is an information security startup with focus on edtech, hands-on learning and focused security assessments. It has offices in India and Singapore.We are experts in information security training, cyber ranges, online labs and security assessments. We have trained more than 40000+...
-
Cyber Security Engineer
3 days ago
India Vista Applied Solutions Group Inc Full timeHiring Sr Cyber Security Engineer | Long Term Contract | Remote Job Title: Sr Cyber Security Engineer – Product Security Location: Mostly Indian business hours, some cross over with US and EU teams Duration: Long Term Contract Remote About the Role We are seeking a Senior Cyber Security Engineer to lead efforts in securing our products and...