Sr. Staff Security Risk Management Engineer

RDQ326R108

As the Team Lead (Individual Contributor) for the Security Risk Management team at Databricks, you will be responsible for driving the program development and operational excellence of our security risk management program. You are expected to be a catalyst for embedding security into the fabric of the organization, enabling secure innovation, and safeguarding the company’s assets, reputation, and strategic objectives.

In this critical role, you will provide subject matter expertise and leadership to a team of security risk management professionals within our dynamic, cloud-native technology environment. You will collaborate extensively with cross-functional partner teams (e.g., Security, IT, Engineering, Compliance, Internal Audit) worldwide to conduct comprehensive security risk assessments, maintain the Databricks risk register, and more.

While this is a remote work opportunity within the following geographic regions, work hours will have to heavily overlap with the US East and US West time zones:  

• Netherlands, Great Britain / United Kingdom

The impact you will have:

• Drive Security Risk Management program maturity to enable risk-informed decision making by the business leadership about risk tolerance and resource allocation
• Lead the team of Security Risk Management engineers to drive effectiveness and efficiency in program’s operations
• Be the primary point of contact for the handling of escalations with cross-functional teams and leadership
• Integrate security risk management across the organization
• Determine and drive risk mitigation efforts
• Support recurring reporting of risk program metrics to leadership
• Manage security risk acceptance and exceptions processes
• Maintain risk-related policy and process documents

What we look for:

We are looking for a professional with the following skills and practical experience in:

• Leading, mentoring, and developing a high-performing security risk management team, fostering collaboration, technical excellence, and continuous learning
• Designing, implementing, and managing a security risk management program
• Managing escalations and effectively interacting with leadership and cross-functional teams
• Building and documenting risk management and risk acceptance / security exception processes specific to a company’s environment
• Completing projects with multiple dependencies / constraints and build relationships with / manage diverse stakeholders remotely
• Tracking and reporting of key performance and risk indicators
• Ability to clearly articulate risk concepts and results to leadership and peers
• Excellent verbal and written communication, documentation, collaboration, analytical, and presentation skills
• Bachelor's degree from an accredited college or university in cybersecurity, computer science, or related field is preferred
• Relevant security and GRC certifications, such as CISSP, CCSP, CSSLP, CGRC, CCSK, GSEC, GCIH, GCFE, GCFA, CISA, CRISC, and CEH, are preferred
• 12+ years of security experience or advanced degree + 8 years of security experience
• 2 - 4 years of prior team management experience
• Working understanding of security, assessment, risk management, and compliance frameworks (e.g., NIST 800-37, NIST 800-39, NIST 800-30, MITRE ATT&CK, ISO 27001, ISO 27005, NIST 800-53, SOC 2, PCI, FedRAMP) and how they ar

About Databricks

Databricks is the data and AI company. More than 10,000 organizations worldwide — including Comcast, Condé Nast, Grammarly, and over 50% of the Fortune 500 — rely on the Databricks Data Intelligence Platform to unify and democratize data, analytics and AI. Databricks is headquartered in San Francisco, with offices around the globe and was founded by the original creators of Lakehouse, Apache Spark™, Delta Lake and MLflow. To learn more, follow Databricks on Twitter, LinkedIn and Facebook.

Benefits

At Databricks, we strive to provide comprehensive benefits and perks that meet the needs of all of our employees. For specific details on the benefits offered in your region, please visit https://www.mybenefitsnow.com/databricks. 

Our Commitment to Diversity and Inclusion

At Databricks, we are committed to fostering a diverse and inclusive culture where everyone can excel. We take great care to ensure that our hiring practices are inclusive and meet equal employment opportunity standards. Individuals looking for employment at Databricks are considered without regard to age, color, disability, ethnicity, family or marital status, gender identity or expression, language, national origin, physical and mental ability, political affiliation, race, religion, sexual orientation, socio-economic status, veteran status, and other protected characteristics.

Compliance

If access to export-controlled technology or source code is required for performance of job duties, it is within Employer's discretion whether to apply for a U.S. government license for such positions, and Employer may decline to proceed with an applicant on this basis alone.