Sr. Staff Security Engineer, Incident Response

About the Role

Sr. Staff Security Engineer, Incident Response - Databricks Skip to main content Login Why Databricks Discover For Executives For Startups Lakehouse Architecture Databricks AI Research Customers Customer Stories Partners Partner Overview Explore the Databricks partner ecosystem Partner Spotlight Featured partner announcements Partner Program Explore benefits, tiers and how to become a partner Cloud Providers Databricks on AWS, Azure and GCP Find a Partner Discover Databricks partners for your needs Partner Solutions Find custom industry and migration solutions Product Databricks Platform Platform Overview A unified platform for data, analytics and AI Data Management Data reliability, security and performance Sharing An open, secure, zero-copy sharing for all data Data Warehousing Serverless data warehouse for SQL analytics Governance Unified governance for all data, analytics and AI assets Data Engineering ETL and orchestration for batch and streaming data Artificial Intelligence Build and deploy ML and GenAI applications Data Science Collaborative data science at scale Business Intelligence Intelligent analytics for real-world data Application Development Quickly build secure data and AI apps Database Postgres for data apps and AI agents Integrations and Data Marketplace Open marketplace for data, analytics and AI IDE Integrations Build on the Lakehouse in your favorite IDE Partner Connect Discover and integrate with the Databricks ecosystem Pricing Databricks Pricing Explore product pricing, DBUs and more Cost Calculator Estimate your compute costs on any cloud Open Source Open Source Technologies Learn more about the innovations behind the platform Solutions Databricks for Industries Communications Media and Entertainment Financial Services Public Sector Healthcare & Life Sciences Retail Manufacturing See All Industries Cross Industry Solutions AI Agents Cybersecurity Marketing Migration & Deployment Data Migration Professional Services Solution Accelerators Explore Accelerators Move faster toward outcomes that matter Resources Learning Training Discover curriculum tailored to your needs Databricks Academy Sign in to the Databricks learning platform Certification Gain recognition and differentiation Free Edition Learn professional Data and AI tools for free University Alliance Want to teach Databricks? See how. Events Data + AI Summit Data + AI World Tour AI Days Event Calendar Blog and Podcasts Databricks Blog Explore news, product announcements, and more Databricks AI Research Blog Discover the latest in our Gen AI research Data Brew Podcast Let’s talk data! Champions of Data + AI Podcast Insights from data leaders powering innovation Get Help Customer Support Documentation Community Dive Deep Resource Center Demo Center Architecture Center About Company Who We Are Our Team Databricks Ventures Contact Us Careers Working at Databricks Open Jobs Press Awards and Recognition Newsroom Security and Trust Security and Trust DATA + AI SUMMIT JUNE 15–18 | SAN FRANCISCO Don’t miss our biggest Summit yet. Save 50% with early-bird pricing. Register Ready to get started? Get a Demo DATA + AI SUMMIT JUNE 15–18 | SAN FRANCISCO Don’t miss our biggest Summit yet. Save 50% with early-bird pricing. Register Login Try Databricks Overview Culture Benefits Diversity Engineering Research Students & new grads Back to search results Sr. Staff Security Engineer, Incident Response Bellevue, Washington; Mountain View, California; San Francisco, California; Seattle, Washington; United States Apply now RDQ127R264 This role is open to remote candidates within the U.S., with a preference for those based in the San Francisco/ Bay Area or Seattle/Bellevue. U.S. citizenship is required. Databricks is seeking an exceptional and strategic Sr. Staff Security Engineer, Incident Response to join our Incident Response team. This pivotal role will provide decisions that have a direct impact on the long-term success of Databricks' security posture, creating solutions that enable potential future opportunities without a known path. You will play a key role in developing multi-year technology strategy for complete and critical areas of the business, encompassing multiple systems and teams, consistently delivering large-scale projects that meet company goals. The Incident Response team's mission is to rapidly, efficiently, and standardly respond to security threats, incidents, and investigations to protect our customers, employees, and enterprise data. We leverage Databricks' own platform for near-real-time log analytics, alerting, and forensics, embracing a "Security for Databricks on Databricks" philosophy. As an Sr. Staff Security Engineer, you will tackle the most technical SIRTs, drive complex, open-ended problems with no obvious path to success, act as a multiplier by enabling systems, authoring tools, or introducing policies that elevate the entire organization's productivity. The impact you will have: Strategic Impact & Technical Vision: Drive or influence the organization’s direction and roadmap, leading internal conversations about major technology areas and inspiring adoption. Provide decisions with direct, long-term impact on Databricks' success. Incident Leadership & Crisis Management: Lead complex investigations and impact analysis, performing crisis management using the Incident Management System (IMS). Engage with various stakeholders and communicate findings to executive leadership, ensuring successful navigation of major security incidents with minimal business impact. Advanced Threat Management: Exhibit expert knowledge in all cloud vendors used by Databricks (AWS, Azure, GCP), deeply understanding the entire architecture of major business components and articulating their security and risk limits. Drive the establishment of a cutting-edge threat detection and response program, significantly reducing Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR) to security incidents. Technical Innovation & Automation: Architect scalable and organized frameworks for security automation and orchestration, including pre-investigation analysis and triage of alerts. Understand trends and directions of the security industry within your domain and architect large-scale designs consistent with organizational and company goals. Problem Solving: Demonstrate the ability to fix difficult and company-impactful problems wherever they lie, even if outside your comfort zone. Possess a full understanding of what malicious activity looks like in each cloud layer (network, storage, compute), understanding existing logs and correlating from multiple sources during an investigation. Cross-Functional Collaboration & Mentorship: Serve as a role model and mentor to every technical member of the team. Identify areas where Databricks can share effectively with the outside world, guiding content creation and communication via presentations and blogs. Work across departments, integrating security practices into various aspects of the organization and product development lifecycle. What we look for: Experience : Typically 12+ years of experience in security, with a strong focus on incident response, detection, and/or threat intelligence, or an advanced degree with 8+ years of experience. This includes deep expertise in Incident Management and Incident Response tool development. Cloud Security Expertise : Demonstrates knowledge of Azure and AWS cloud concepts, showing expertise in analyzing logs, correlating available log sources to conclude an attack scenario, and identifying logging gaps to suggest best configurations for IR needs. You can function as an architect of cloud deployment and map cloud environment fundamentals to other major providers. Digital Forensics : Highly skilled in multiple areas of digital forensics (e.g., Network, Application/Log Analysis, Host/Disk, Memory Forensics/Malware Analysis, Cloud Forensics, Endpoint Forensics), able to speak confidently on advanced concepts like virtualized networking, advanced network anomalies, and container forensics. Enterprise Security : Has a detailed understanding of enterprise security incidents and in-depth knowledge of malware on endpoints. Possesses expert understanding of MacOS security posture and architecture. Technical Depth : Proficient with SIEM and SOAR platforms, EDR solutions, and forensic analysis tools. Skilled in leveraging AI and automation technologies to enhance security operations and threat detection capabilities. Leadership & Communication : Exceptional ability to engage in difficult conversations, handle them appropriately, and exhibit empathy and emotional intelligence. Proven capability to build, mentor, and lead high-performing cybersecurity teams, fostering a culture of excellence and continuous improvement. Strong communication of technical decisions through design docs and tech talks. Bias for Action & Collaboration : A history of proactively identifying and solving issues that impact the team and company. Demonstrates a strong desire to help peers and collaborate effectively. Customer/Stakeholder Obsessed : Able to push back or say no to unreasonable stakeholder requests in a professional and constructive manner. U.S. Citizenship Requirement This role will involve services that are covered by and must comply with the U.S. Government information security and federal contractor regulations, including, without limiation, Department of Defense Cloud Computing Security Requirements for Impact Level 6 Cloud Service Provider personnel, FedRAMP High baseline, and requirements of certain federal contracts. Therefore, this role is open to United States citizens on United States Soil only. Pay Range Transparency Databricks is committed to fair and equitable compensation practices. The pay range(s) for this role is listed below and represents the expected salary range for non-commissionable roles or on-target earnings for commissionable roles. Actual compensation packages are based on several factors that are unique to each candidate, including but not limited to job-related skills, depth of experience, relevant certifications and training, and specific work location. Based on the factors above, Databricks anticipates utilizing the full width of the range. The total compensation package for this position may also include eligibility for annual performance bonus, equity, and the benefits listed above. For more information regarding which range your location is in visit our page here . Zone 1 Pay Range $229,000 — $314,800 USD Pay Range Transparency Databricks is committed to fair and equitable compensation practices. The pay range(s) for this role is listed below and represents the expected salary range for non-commissionable roles or on-target earnings for commissionable roles. Actual compensation packages are based on several factors that are unique to each candidate, including but not limited to job-related skills, depth of experience, relevant certifications and training, and specific work location. Based on the factors above, Databricks anticipates utilizing the full width of the range. The total compensation package for this position may also include eligibility for annual performance bonus, equity, and the benefits listed above. For more information regarding which range your location is in visit our page here . Zone 2 Pay Range $206,100 — $283,350 USD Pay Range Transparency Databricks is committed to fair and equitable compensation practices. The pay range(s) for this role is listed below and represents the expected salary range for non-commissionable roles or on-target earnings for commissionable roles. Actual compensation packages are based on several factors that are unique to each candidate, including but not limited to job-related skills, depth of experience, relevant certifications and training, and specific work location. Based on the factors above, Databricks anticipates utilizing the full width of the range. The total compensation package for this position may also include eligibility for annual performance bonus, equity, and the benefits listed above. For more information regarding which range your location is in visit our page here . Zone 3 Pay Range $194,600 — $267,650 USD Pay Range Transparency Databricks is committed to fair and equitable compensation practices. The pay range(s) for this role is listed below and represents the expected salary range for non-commissionable roles or on-target earnings for commissionable roles. Actual compensation packages are based on several factors that are unique to each candidate, including but not limited to job-related skills, depth of experience, relevant certifications and training, and specific work location. Based on the factors above, Databricks anticipates utilizing the full width of the range. The total compensation package for this position may also include eligibility for annual performance bonus, equity, and the benefits listed above. For more information regarding which range your location is in visit our page here . Zone 4 Pay Range $183,200 — $251,900 USD About Databricks Databricks is the data and AI company. More than 10,000 organizations worldwide — including Comcast, Condé Nast, Grammarly, and over 50% of the Fortune 500 — rely on the Databricks Data Intelligence Platform to unify and democratize data, analytics and AI. Databricks is headquartered in San Francisco, with offices around the globe and was founded by the original creators of Lakehouse, Apache Spark™, Delta Lake and MLflow. To learn more, follow Databricks on Twitter , LinkedIn and Facebook . Benefits At Databricks, we strive to provide comprehensive benefits and perks that meet the needs of all of our employees. For specific details on the benefits offered in your region, please visit https://www.mybenefitsnow.com/databricks . Our Commitment to Diversity and Inclusion At Databricks, we are committed to fostering a diverse and inclusive culture where everyone can excel. We take great care to ensure that our hiring practices are inclusive and meet equal employment opportunity standards. Individuals looking for employment at Databricks are considered without regard to age, color, disability, ethnicity, family or marital status, gender identity or expression, language, national origin, physical and mental ability, political affiliation, race, religion, sexual orientation, socio-economic status, veteran status, and other protected characteristics. Compliance If access to export-controlled technology or source code is required for performance of job duties, it is within Employer's discretion whether to apply for a U.S. government license for such positions, and Employer may decline to proceed with an applicant on this basis alone. Why Databricks Discover For Executives For Startups Lakehouse Architecture Databricks AI Research Customers Customer Stories Partners Partner Overview Partner Program Find a Partner Partner Spotlight Cloud Providers Partner Solutions Why Databricks Discover For Executives For Startups Lakehouse Architecture Databricks AI Research Customers Customer Stories Partners Partner Overview Partner Program Find a Partner Partner Spotlight Cloud Providers Partner Solutions Product Databricks Platform Platform Overview Sharing Governance Artificial Intelligence Business Intelligence Database Data Management Data Warehousing Data Engineering Data Science Application Development Pricing Pricing Overview Pricing Calculator Open Source Integrations and Data Marketplace IDE Integrations Partner Connect Product Databricks Platform Platform Overview Sharing Governance Artificial Intelligence Business Intelligence Database Data Management Data Warehousing Data Engineering Data Science Application Development Pricing Pricing Overview Pricing Calculator Open Source Integrations and Data Marketplace IDE Integrations Partner Connect Solutions Databricks For Industries Communications Financial Services Healthcare and Life Sciences Manufacturing Media and Entertainment Public Sector Retail View All Cross Industry Solutions Cybersecurity Marketing Data Migration Professional Services Solution Accelerators Solutions Databricks For Industries Communications Financial Services Healthcare and Life Sciences Manufacturing Media and Entertainment Public Sector Retail View All Cross Industry Solutions Cybersecurity Marketing Data Migration Professional Services Solution Accelerators Resources Documentation Customer Support Community Learning Training Certification Free Edition University Alliance Databricks Academy Login Events Data + AI Summit Data + AI World Tour AI Days Event Calendar Blog and Podcasts Databricks Blog Databricks AI Research Blog Data Brew Podcast Champions of Data & AI Podcast Resources Documentation Customer Support Community Learning Training Certification Free Edition University Alliance Databricks Academy Login Events Data + AI Summit Data + AI World Tour AI Days Event Calendar Blog and Podcasts Databricks Blog Databricks AI Research Blog Data Brew Podcast Champions of Data & AI Podcast About Company Who We Are Our Team Databricks Ventures Contact Us Careers Open Jobs Working at Databricks Press Awards and Recognition Newsroom Security and Trust About Company Who We Are Our Team Databricks Ventures Contact Us Careers Open Jobs Working at Databricks Press Awards and Recognition Newsroom Security and Trust Databricks Inc. 160 Spear Street, 15th Floor San Francisco, CA 94105 1-866-330-0121 See Careers at Databricks © Databricks 2026 . All rights reserved. Apache, Apache Spark, Spark, the Spark Logo, Apache Iceberg, Iceberg, and the Apache Iceberg logo are trademarks of the Apache Software Foundation . Privacy Notice | Terms of Use | Modern Slavery Statement | California Privacy | Your Privacy Choices

Other roles at Databricks

• Software Engineer (SDE 2) - Full Stack, Lakeflow

  Bengaluru, India

• Manager, Field Engineering

  Melbourne, Australia

• Solutions Architect