What you'd actually do

Develop Databricks ATO packages.

Ensure audit readiness and security compliance across the organization by working cross-functionally with other teams such as Engineering, IT, and HR.

Collect and manage evidence for audits.

Lead continuous monitoring and authorizations.

Support security compliance reviews of new features.

Skills

Required

Bachelor's degree in Computer Science or related field, or equivalent experience.
5+ years of security compliance or audit related experience.
FedRAMP and/or DISA SRG auditing (3PAO) or implementation (CSP) experience.
NIST 800-53 and RMF experience.
A comprehensive understanding of security controls across all domains.
A general understanding of key technical security controls in cloud environments (AWS, Azure, GCP).
Strong written and verbal communication skills.
Experience working effectively across the spectrum of individual contributors and senior leadership within an organization (for example, Engineering IT, Security, etc.).

Nice to have

Active U.S. Government Top Secret/Secret Compartmentalized Information (TS/SCI) clearance with full scope polygraph.

RDQ127R265

The Databricks Security Assurance Team enables Databricks to achieve and maintain third party certifications, helping secure our operations and instill confidence in customers. As a Senior Security Assurance Engineer, you will help lead compliance certification efforts for the U.S. Federal Government such as FedRAMP, DISA CC SRG, etc.

You will be an individual contributor reporting to the Sr. Manager of the Security Assurance Team.

**The impact you will have: **

Develop Databricks ATO packages.
Ensure audit readiness and security compliance across the organization by working cross-functionally with other teams such as Engineering, IT, and HR.
Collect and manage evidence for audits.
Lead continuous monitoring and authorizations.
Support other Security Assurance Team certifications, reports, and activities as needed.
Support security compliance reviews of new features.
Build relationships with other Databricks teams to accomplish Security Assurance goals.
Develop and maintain strong relationships with external auditors and certification bodies to facilitate smooth audit processes.

What we look for:

Bachelor's degree in Computer Science or related field, or equivalent experience.
5+ years of security compliance or audit related experience.
FedRAMP and/or DISA SRG auditing (3PAO) or implementation (CSP) experience.
NIST 800-53 and RMF experience.
A comprehensive understanding of security controls across all domains.
A general understanding of key technical security controls in cloud environments (AWS, Azure, GCP).
Strong written and verbal communication skills.
Experience working effectively across the spectrum of individual contributors and senior leadership within an organization (for example, Engineering IT, Security, etc.).
Nice-to-have: Active U.S. Government Top Secret/Secret Compartmentalized Information (TS/SCI) clearance with full scope polygraph.

About Databricks

Databricks is the data and AI company. More than 10,000 organizations worldwide — including Comcast, Condé Nast, Grammarly, and over 50% of the Fortune 500 — rely on the Databricks Data Intelligence Platform to unify and democratize data, analytics and AI. Databricks is headquartered in San Francisco, with offices around the globe and was founded by the original creators of Lakehouse, Apache Spark™, Delta Lake and MLflow. To learn more, follow Databricks on Twitter, LinkedIn and Facebook.

**Benefits

**At Databricks, we strive to provide comprehensive benefits and perks that meet the needs of all of our employees. For specific details on the benefits offered in your region click here.

Our Commitment to Diversity and Inclusion

At Databricks, we are committed to fostering a diverse and inclusive culture where everyone can excel. We take great care to ensure that our hiring practices are inclusive and meet equal employment opportunity standards. Individuals looking for employment at Databricks are considered without regard to age, color, disability, ethnicity, family or marital status, gender identity or expression, language, national origin, physical and mental ability, political affiliation, race, religion, sexual orientation, socio-economic status, veteran status, and other protected characteristics.

Compliance

If access to export-controlled technology or source code is required for performance of job duties, it is within Employer's discretion whether to apply for a U.S. government license for such positions, and Employer may decline to proceed with an applicant on this basis alone.