Senior Security Engineer (Incident Response)
RDQ324R4
The Incident Response team's mission is to respond to security threats, incidents and investigations to protect our customers, employees and enterprise data in an efficient and standardised manner. We're a tight-knit team of security incident responders and incident handlers doing 'Security for Databricks on Databricks', using our own platform to create near-real-time log analytics, alerting and forensics.
You will be an individual contributor on the Security Incident Response (IR) team at Databricks, reporting to the Head of Incident Response. You will be responsible for leading incidents, investigations and security initiatives from postmortems. You will be a security multiplier and help the team scale security incident response at Databricks as amongst the first members of the team in India.
The impact you will have:
You will identify problems with ambiguous requirements (lack of clarity, inconsistencies, technical limitations) for their your work , and communicates these issues early to help course-correct
You will communicate technical decisions through design docs, tech talks and mentor junior security responders via security guidance, design reviews and code reviews.
You will triage and respond to security events and alerts by understanding existing logs, correlating from multiple sources during an investigation.
Respond to new incidents as part of a distributed 24x7 operations and oncall schedule.
You will build automation to improve security incident response and alerts triage.
What we look for:
A minimum of 12+ years experience in Incident Response work
Cloud Security Essentials in at least 1 of AWS, GCP or Azure. Working knowledge of GCP and Azure.
Broad Security subject matter expertise.
Expertise in few core IR skills (DFIR , Reverse Engineering, Traditional Network Security, Storage and access security, Sandboxing, Compute security etc)
Experience with Enterprise Security, End Point Security and SaaS applications.
Working knowledge of a SIEM and SOAR
Have experience building Incident Response Tooling and scripting language skills
Benefits
Private medical insurance
Accident coverage
Employee's Provident Fund
Equity awards
Paid parental leave
Gym reimbursement
Annual personal development fund
Work headphones reimbursement
Business travel insurance
Mental wellness resources
Senior Security Engineer (Incident Response)
RDQ324R4
The Incident Response team's mission is to respond to security threats, incidents and investigations to protect our customers, employees and enterprise data in an efficient and standardised manner. We're a tight-knit team of security incident responders and incident handlers doing 'Security for Databricks on Databricks', using our own platform to create near-real-time log analytics, alerting and forensics.
You will be an individual contributor on the Security Incident Response (IR) team at Databricks, reporting to the Head of Incident Response. You will be responsible for leading incidents, investigations and security initiatives from postmortems. You will be a security multiplier and help the team scale security incident response at Databricks as amongst the first members of the team in India.
The impact you will have:
You will identify problems with ambiguous requirements (lack of clarity, inconsistencies, technical limitations) for their your work , and communicates these issues early to help course-correct
You will communicate technical decisions through design docs, tech talks and mentor junior security responders via security guidance, design reviews and code reviews.
You will triage and respond to security events and alerts by understanding existing logs, correlating from multiple sources during an investigation.
Respond to new incidents as part of a distributed 24x7 operations and oncall schedule.
You will build automation to improve security incident response and alerts triage.
What we look for:
A minimum of 12+ years experience in Incident Response work
Cloud Security Essentials in at least 1 of AWS, GCP or Azure. Working knowledge of GCP and Azure.
Broad Security subject matter expertise.
Expertise in few core IR skills (DFIR , Reverse Engineering, Traditional Network Security, Storage and access security, Sandboxing, Compute security etc)
Experience with Enterprise Security, End Point Security and SaaS applications.
Working knowledge of a SIEM and SOAR
Have experience building Incident Response Tooling and scripting language skills
Benefits
Private medical insurance
Accident coverage
Employee's Provident Fund
Equity awards
Paid parental leave
Gym reimbursement
Annual personal development fund
Work headphones reimbursement
Business travel insurance
Mental wellness resources