Databricks Enterprise Lead Security Architect - Principal IT Software Engineer jobs in United States

Databricks · 2 months ago

Databricks Enterprise Lead Security Architect - Principal IT Software Engineer

Databricks is a leading data and AI company, seeking a highly skilled Lead Security Architect to enhance their IT security. The role involves designing secure architectures, implementing security controls, and collaborating with teams to protect critical assets and sensitive data in a fast-paced environment.

Analytics · Artificial Intelligence (AI) · Data Storage · Information Technology · Machine Learning
Growth Opportunities
H1B Sponsor Likely

Responsibilities

Design and implement secure, scalable reference architectures for the Databricks IT across Cloud Infra (Compute, DBs, Network, Storage), SaaS, Custom Built Applications, Data & AI systems
Establish and enforce security controls for:
Core Security Areas:
Databricks Workspace Management: Workspace isolation, Unity Catalog for data governance
Secure Networking: VPC configs, PrivateLink, IP Allow Lists
Identity and Access Management (IAM): SSO, SCIM user provisioning, RBAC via Un, Strong MFA best practices for enterprise identities and customers
Data Encryption: At rest and in transit, customer-managed keys for critical assets
Data Exfiltration Prevention: Admin console settings, VPC endpoint controls
Cluster Security: User isolation, compliance with enhanced security monitoring/Compliance Security Profiles (HIPAA, PCI-DSS, FedRAMP)
Offensive Security: Test and challenge the effectiveness of the organization’s security defenses by mimicking the tactics, techniques, and procedures used by actual attackers
Specialized Security Functions:
Non-human Identity Management: Design and implement secure authentication and authorization for automated systems (service accounts, API keys, machine identities), focusing on automation and integration with existing identity management systems
IAM Best Practices: Develop and document comprehensive Identity and Access Management policies, including user provisioning, de-provisioning, access reviews, privileged access management, and multi-factor authentication, ensuring security and compliance
Data Loss Prevention (DLP): Implement DLP solutions to identify, monitor, and protect sensitive data across endpoints, networks, and cloud environments, preventing unauthorized access, use, or transmission
SaaS Proxy Design and Implementation: Design and implement cloud-based proxies for SaaS applications (SASE solutions) to provide secure access, enforce security policies, monitor user activity, and protect against threats
Cloud Infrastructure Best Practices: Establish and document best practices for VPC configurations, cloud networking, and infrastructure as code using Terraform, ensuring secure network segmentation, routing, firewalls, and VPNs for consistent, automated, and secure deployments
Least Privilege Access for Data Security: Design and implement data security controls based on the principle of least privilege, ensuring users and systems have only the minimum necessary access through fine-grained controls, data classification, and regular access reviews
Guide internal IT on Databricks’ security and compliance certifications (SOC 2, ISO 27001/27017/27018, HIPAA, PCI-DSS, FedRAMP), and support security reviews/audits
Support incident response, vulnerability management, threat modeling, and red teaming using audit logs, cluster policies, and enhanced monitoring
Stay current on industry trends and emerging threats in GenAI, AI Agentic flow, MCPs to enhance security posture
Advise executive leadership on security architecture, risks, and mitigation
Mentor security engineers and developers on secure design and best practices

Qualification

Security Architecture · Identity · Access Management · Cloud Security · Data Protection · Threat Modeling · Zero Trust Architecture · Data Loss Prevention · SaaS Security · Security Automation · Collaboration Skills · Strategic Thinking · Mentoring

Required

Bachelor's degree in Computer Science, Information Security, Engineering, or a related field
Minimum 12 years in cybersecurity, with 5+ in security architecture or senior technical roles
Must have direct experience designing and securing enterprise platforms in complex multi-cloud environments
Proven expertise securing data analytics pipelines, SaaS integrations, and workload isolation in enterprise ecosystems
Deep experience in threat modeling, design, PoC, and implementing large-scale enterprise solutions
Extensive hands-on experience in AWS cloud security, network security, with knowledge of Zero Trust, Data Protection, and Appsec
Strong understanding of enterprise IAM systems (Okta, SailPoint, VDI, Entra ID) and Data Protection
Expert experience with SIEM platforms, XDR, and cloud-native threat detection tools
Expert in web application security, OWASP, API security, and secure design and testing
Hands-on experience with security automation is required, with proficiency in AI-assisted development, Python, Cursor, Lambda, Terraform, or comparable scripting/IaC tools for operational efficiency
Ability to influence stakeholders and drive alignment
Strategic thinker with a passion for security innovation, continuous improvement, and building scalable defenses

Preferred

Master's degree in Computer Science specifically in Information Security or a related discipline
Experience in FedRAMP High systems/GovCloud preferred
Industry certifications like CISSP, CCSP, CEH, AWS Certified Security – Specialty, AWS Certified Solutions Architect – Professional, or AWS Certified Advanced Networking – Specialty (or equivalent)

Benefits

Annual performance bonus
Equity

Company

Databricks

Databricks is a data and AI platform that unifies data engineering, analytics, and machine learning on a lakehouse architecture.

H1B Sponsorship

Databricks has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data Powered by US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship]
Trends of Total Sponsorships
2025 (385)
2024 (319)
2023 (227)
2022 (222)
2021 (166)
2020 (64)

Funding

Current Stage: Late Stage
Total Funding: $25.81B
Key Investors: Counterpoint Global, Franklin Templeton, Andreessen Horowitz
2025-12-16 · Series Unknown · $4B
2025-09-08 · Series Unknown · $1B
2025-01-13 · Debt Financing · $5.25B

Leadership Team

Ali Ghodsi, CEO and Co-founder
David Conte, Chief Financial Officer
Company data provided by crunchbase