Sr. Staff Security Engineer, Incident Response jobs in United States

Databricks · 7 hours ago

Sr. Staff Security Engineer, Incident Response

Databricks is seeking an exceptional and strategic Sr. Staff Security Engineer, Incident Response to join our Incident Response team. This pivotal role will provide decisions that have a direct impact on the long-term success of Databricks' security posture, creating solutions that enable potential future opportunities without a known path.

Analytics, Artificial Intelligence (AI), Data Integration, Data Management, Data Storage, Information Technology, Machine Learning
Growth Opportunities
No H1B, Security Clearance Required, U.S. Citizen Only

Responsibilities

Drive or influence the organization’s direction and roadmap, leading internal conversations about major technology areas and inspiring adoption
Provide decisions with direct, long-term impact on Databricks' success
Lead complex investigations and impact analysis, performing crisis management using the Incident Management System (IMS)
Engage with various stakeholders and communicate findings to executive leadership, ensuring successful navigation of major security incidents with minimal business impact
Exhibit expert knowledge in all cloud vendors used by Databricks (AWS, Azure, GCP), deeply understanding the entire architecture of major business components and articulating their security and risk limits
Drive the establishment of a cutting-edge threat detection and response program, significantly reducing Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR) to security incidents
Architect scalable and organized frameworks for security automation and orchestration, including pre-investigation analysis and triage of alerts
Understand trends and directions of the security industry within your domain and architect large-scale designs consistent with organizational and company goals
Demonstrate the ability to fix difficult and company-impactful problems wherever they lie, even if outside your comfort zone
Possess a full understanding of what malicious activity looks like in each cloud layer (network, storage, compute), understanding existing logs and correlating from multiple sources during an investigation
Serve as a role model and mentor to every technical member of the team
Identify areas where Databricks can share effectively with the outside world, guiding content creation and communication via presentations and blogs
Work across departments, integrating security practices into various aspects of the organization and product development lifecycle

Qualification

Incident Response, Cloud Security, Digital Forensics, SIEM, SOAR, Crisis Management, Technical Leadership, Communication Skills, Collaboration, Problem Solving

Required

Typically 12+ years of experience in security, with a strong focus on incident response, detection, and/or threat intelligence, or an advanced degree with 8+ years of experience
Deep expertise in Incident Management and Incident Response tool development
Demonstrates knowledge of Azure and AWS cloud concepts
Expertise in analyzing logs, correlating available log sources to conclude an attack scenario, and identifying logging gaps to suggest best configurations for IR needs
Ability to function as an architect of cloud deployment and map cloud environment fundamentals to other major providers
Highly skilled in multiple areas of digital forensics (e.g., Network, Application/Log Analysis, Host/Disk, Memory Forensics/Malware Analysis, Cloud Forensics, Endpoint Forensics)
Ability to speak confidently on advanced concepts like virtualized networking, advanced network anomalies, and container forensics
Detailed understanding of enterprise security incidents and in-depth knowledge of malware on endpoints
Expert understanding of macOS security posture and architecture
Proficient with SIEM and SOAR platforms, EDR solutions, and forensic analysis tools
Skilled in leveraging AI and automation technologies to enhance security operations and threat detection capabilities
Exceptional ability to engage in difficult conversations, handle them appropriately, and exhibit empathy and emotional intelligence
Proven capability to build, mentor, and lead high-performing cybersecurity teams, fostering a culture of excellence and continuous improvement
Strong communication of technical decisions through design docs and tech talks
A history of proactively identifying and solving issues that impact the team and company
Demonstrates a strong desire to help peers and collaborate effectively
Able to push back or say no to unreasonable stakeholder requests in a professional and constructive manner
U.S. citizenship is required

Benefits

Eligibility for annual performance bonus
Equity
Comprehensive benefits and perks that meet the needs of all of our employees

Company

Databricks

Databricks is a data and AI platform that unifies data engineering, analytics, and machine learning on a lakehouse architecture.

Funding

Current Stage: Late Stage
Total Funding: $25.81B
Key Investors: Counterpoint Global, Franklin Templeton, Andreessen Horowitz
2025-12-16 · Series Unknown · $4B
2025-09-08 · Series Unknown · $1B
2025-01-13 · Debt Financing · $5.25B

Leadership Team

Ali Ghodsi
CEO and Co-founder
Ion Stoica
Co-Founder & Executive Chairman
Company data provided by crunchbase