Senior Security Engineer, Red Team

RDQ326R18

The Red Team is committed to proactively identifying and mitigating security threats across our infrastructure, applications, and cloud environments. Through rigorous offensive security assessments, adversarial testing, and vulnerability research, we aim to uncover and address weaknesses before they can be exploited by real-world attackers. By simulating real-world attack scenarios, we help enhance our security posture, ensuring resilience against emerging threats and fostering a culture of security awareness throughout the organization.

The Impact You Will Have:

You will be a key member of the Red Team at Databricks, conducting security assessments, developing novel attack techniques, and working across teams to improve our defensive capabilities. Your work will involve:

• Conducting Red Team operations on cloud environments, infrastructure, and applications to identify and exploit security weaknesses in both development and production environments.
• Developing and refining tools, exploits, and automation to simulate real-world adversarial techniques against enterprise security controls.
• Performing vulnerability research and exploit development, including discovering zero-days, bypassing security controls, and creating proof-of-concept exploits.
• Assessing cloud security risks across AWS, Azure, and GCP environments, including IAM misconfigurations, container security, and lateral movement strategies.
• Collaborating with internal security and engineering teams to provide remediation guidance, enhance security monitoring, and improve detection and response capabilities.
• Researching emerging threats in cloud security, web applications, and infrastructure, sharing findings internally and contributing to the broader security community.
• Performing security design reviews to ensure new products and infrastructure components are built with security best practices from inception.

What We Look For:

The ideal candidate will have a strong background in offensive security, cloud security, and vulnerability research.

• Expertise in Red Teaming, penetration testing, and adversary simulation techniques.
• Deep knowledge of cloud security (AWS, Azure, GCP), including IAM, networking, containers, orchestration (kubernetes) and serverless architectures.
• Strong programming skills in Python, C/C++, or Go for exploit development, automation, and tool creation.
• Experience developing and weaponizing exploits for vulnerabilities in cloud environments, applications, and infrastructure.
• Strong understanding of modern attack techniques, including phishing, persistence mechanisms, privilege escalation, and lateral movement.
• Knowledge of security tooling (e.g., C2 frameworks, EDR evasion, malware development, fuzzing, and reverse engineering).
• Excellent problem-solving skills and the ability to think like an adversary.
• Strong communication skills, with the ability to document findings clearly and present them to technical and non-technical audiences.
• Typically 4+ years of experience in offensive security, vulnerability research, or Red Teaming, or an advanced degree (MS/PhD) with 3+ years of experience in the security domain.
• BS or higher in Computer Science, Cybersecurity, or a related field.

If you're passionate about offensive security and enjoy breaking things to make them better, we'd love to hear from you!

About Databricks

Databricks is the data and AI company. More than 10,000 organizations worldwide — including Comcast, Condé Nast, Grammarly, and over 50% of the Fortune 500 — rely on the Databricks Data Intelligence Platform to unify and democratize data, analytics and AI. Databricks is headquartered in San Francisco, with offices around the globe and was founded by the original creators of Lakehouse, Apache Spark™, Delta Lake and MLflow. To learn more, follow Databricks on Twitter, LinkedIn and Facebook.

Benefits

At Databricks, we strive to provide comprehensive benefits and perks that meet the needs of all of our employees. For specific details on the benefits offered in your region, please visit https://www.mybenefitsnow.com/databricks. 

Our Commitment to Diversity and Inclusion

At Databricks, we are committed to fostering a diverse and inclusive culture where everyone can excel. We take great care to ensure that our hiring practices are inclusive and meet equal employment opportunity standards. Individuals looking for employment at Databricks are considered without regard to age, color, disability, ethnicity, family or marital status, gender identity or expression, language, national origin, physical and mental ability, political affiliation, race, religion, sexual orientation, socio-economic status, veteran status, and other protected characteristics.

Compliance

If access to export-controlled technology or source code is required for performance of job duties, it is within Employer's discretion whether to apply for a U.S. government license for such positions, and Employer may decline to proceed with an applicant on this basis alone.