databricks logo

Senior Security Engineer, Incident Response

Databricks

Amsterdam, Netherlands; Berlin, Germany; London, United Kingdom; Remote - Denmark; Remote - France; Remote - Germany; Remote - Italy; Remote - Spain; Remote - Sweden

Detection Engineering

Posted 12 months ago

seniorremote

Job Description

RDQ326R15

The Incident Response team's mission is to respond to security threats, incidents and investigations to protect our customers, employees and enterprise data in a fast, efficient and standardised manner. We're a tight-knit team of security incident responders and incident handlers doing "Security for Databricks on Databricks", using our own platform to create near-real-time log analytics, alerting and forensics.

You will be an individual contributor on the security Incident Response (IR) team at Databricks, reporting to the regional IR manager. You will be responsible for conducting security analysis and forensics, responding to high-priority alerts and contributing to automations and agentic capabilities. You will be a security multiplier and help the team scale security incident response at Databricks.

The impact you will have:

  • You will respond to incidents as part of a distributed 24x7 operations and on-call schedule.
  • You will triage and respond to security events and alerts, ensuring quick and effective containment.
  • You will contribute to security investigations, conducting analysis and forensics across a range of data sources to determine the timeline and impact of security events.
  • You will build automations, including leveraging AI and agentic platforms, to deliver autonomous capabilities, expedite your work and scale the impact of the team.
  • You will communicate technical decisions through design docs and tech talks, and mentor junior security responders via security guidance, design reviews and code reviews.

What we look for:

  • Bachelor's Degree AND 4+ years experience in Incident Response work OR Master's Degree AND 2+ years experience.
  • Strong cloud security background in at least 1 of AWS, GCP or Azure, and working knowledge of the others.
  • Knowledge of AI/LLM and agentic capabilities, including effective prompting and use of MCP, agents and agent skills. Prefer experience with building and operating agentic systems in a security setting.
  • Broad security subject matter expertise.
  • Expertise in few core IR skills (DFIR , Reverse Engineering, Traditional Network Security, Storage and access security, Sandboxing, Compute security, etc.).
  • Experience with Enterprise Security and SaaS applications.
  • Working knowledge of a SIEM and SOAR.
  • Experience building Incident Response Tooling and scripting language skills.

 

About Databricks

Databricks is the data and AI company. More than 10,000 organizations worldwide — including Comcast, Condé Nast, Grammarly, and over 50% of the Fortune 500 — rely on the Databricks Data Intelligence Platform to unify and democratize data, analytics and AI. Databricks is headquartered in San Francisco, with offices around the globe and was founded by the original creators of Lakehouse, Apache Spark™, Delta Lake and MLflow. To learn more, follow Databricks on TwitterLinkedIn and Facebook.

Benefits

At Databricks, we strive to provide comprehensive benefits and perks that meet the needs of all of our employees. For specific details on the benefits offered in your region click here.

Our Commitment to Diversity and Inclusion

At Databricks, we are committed to fostering a diverse and inclusive culture where everyone can excel. We take great care to ensure that our hiring practices are inclusive and meet equal employment opportunity standards. Individuals looking for employment at Databricks are considered without regard to age, color, disability, ethnicity, family or marital status, gender identity or expression, language, national origin, physical and mental ability, political affiliation, race, religion, sexual orientation, socio-economic status, veteran status, and other protected characteristics.

Compliance

If access to export-controlled technology or source code is required for performance of job duties, it is within Employer's discretion whether to apply for a U.S. government license for such positions, and Employer may decline to proceed with an applicant on this basis alone.

Apply for this position
Get weekly alerts for cybersecurity jobs in United Kingdom:

Hiring for a role like this?

Reach cybersecurity professionals browsing the board - your listing goes live instantly.

Post a job →

Related cybersecurity jobs

databricks logo

Specialist Solutions Architect - Platform Security and Cloud Infrastructure

Databricks · Paris, France

Engineering
Posted Jun 19Apply
databricks logo

Cyber Security GTM Leader

Databricks · Remote - California; Remote - New York

Sales
Posted Jun 12Apply
databricks logo

Sr. Staff Security Assurance Engineer

Databricks · Mountain View, California; San Francisco, California

Other
Posted Jun 10Apply
databricks logo

Sr. IT Endpoint Engineer

Databricks · Mountain View, California

Other
Posted Apr 9Apply
databricks logo

Sr. Internal Audit Manager

Databricks · Mountain View, California; San Francisco, California

GRC
Posted Apr 2Apply
databricks logo

Staff Enterprise Security Engineer

Databricks · Remote - California

Security Engineering
Posted Apr 1Apply

Stay ahead of the curve. Get new infosec jobs in your inbox: