What you'd actually do

Build, lead, and grow a high-performing team of engineers responsible for cloud IAM operations, CSP environment management, security data pipelines, and compliance operations across AWS, Azure, and GCP.

Define and execute the strategy and roadmap for automating cloud access assignment, approval workflows, and IAM policy enforcement to reduce manual toil while strengthening security controls.

Own the end-to-end lifecycle of CSP account, subscription, and project provisioning, including secure onboarding of acquired companies' cloud environments into Databricks' organizations with minimal disruption.

Drive compliance programs including Cloud User Access Reviews, audit evidence collection, and IAM policy alignment to meet SOC2, FedRAMP, and other regulatory requirements.

Ensure the reliability and timeliness of security data pipelines that ingest CSP audit logging, enabling downstream detection and response capabilities.

Skills

Required

security engineering
cloud infrastructure
production/site reliability engineering
AWS, Azure, or GCP expertise
engineering management
building teams
developing senior engineers and managers
cloud IAM (policies, principals, roles, federation)
CSP organizational structures
identity governance frameworks
operational teams
automation and process improvement
compliance and audit workflows (SOC2, FedRAMP, ISO, or similar)
evidence collection
access review programs
cross-functional initiatives
influencing without direct authority
communication skills
stakeholder management skills
BS (or higher) in Computer Science, Information Security, or a related technical field

Nice to have

GovCloud escort operations
24x7 on-call rotation for SEV0 incidents

RDQ427R268

At Databricks, we are passionate about enabling data teams to solve the world's toughest problems, from making the next mode of transportation a reality to accelerating the development of medical breakthroughs. We do this by building and running the world's best data and AI infrastructure platform so our customers can use deep data insights to improve their business. Founded by engineers and driven by customer obsession, we leap at every opportunity to tackle technical challenges, from designing next-gen UI/UX for interfacing with data to scaling our services and infrastructure across millions of virtual machines. And we're only getting started.

Customers trust Databricks with their most sensitive data and workloads, and Security Infrastructure Operations (SIO) is the team that sustains and improves Databricks' cloud security posture across every cloud service provider we operate in. We are looking for a Senior Engineering Manager to lead this team and drive the strategy for how cloud identity, access, and environment changes are reviewed, executed, and automated at scale. You will own the operational backbone of Databricks' cloud security, spanning IAM policy enforcement, CSP account provisioning, compliance evidence collection, and security data pipelines. Your goal is to ensure that Databricks engineers can move fast without compromising security. This is a high-visibility, cross-functional leadership role that partners with Security, Security Engineering, IT and engineering teams across the company.

The impact you will have:** **

Build, lead, and grow a high-performing team of engineers responsible for cloud IAM operations, CSP environment management, security data pipelines, and compliance operations across AWS, Azure, and GCP.
Define and execute the strategy and roadmap for automating cloud access assignment, approval workflows, and IAM policy enforcement to reduce manual toil while strengthening security controls.
Own the end-to-end lifecycle of CSP account, subscription, and project provisioning, including secure onboarding of acquired companies' cloud environments into Databricks' organizations with minimal disruption.
Drive compliance programs including Cloud User Access Reviews, audit evidence collection, and IAM policy alignment to meet SOC2, FedRAMP, and other regulatory requirements.
Ensure the reliability and timeliness of security data pipelines that ingest CSP audit logging, enabling downstream detection and response capabilities.
Partner closely with Security, Security Engineering, and IT to interpret and operationalize security policies, ensuring consistent enforcement with high transparency and minimal friction for engineering teams.
Lead complex, multi-quarter initiatives spanning multiple teams and external partners, demonstrating leverage by executing through technical leads and developing future leaders on the team.
Lead GovCloud escort operations, including staffing a 24x7 on-call rotation for SEV0 incidents, and continuously improving operational resilience.

What we look for:** **

8+ years of experience in security engineering, cloud infrastructure, or production/site reliability engineering, with deep hands-on expertise in at least one major cloud provider (AWS, Azure, or GCP).
5+ years of engineering management experience, including building teams, developing senior engineers and managers, and navigating complex people situations such as promotions and performance management.
Strong technical understanding of cloud IAM (policies, principals, roles, federation), CSP organizational structures, and identity governance frameworks.
Demonstrated success leading operational teams that balance high-throughput request execution with automation and process improvement.
Experience with compliance and audit workflows (SOC2, FedRAMP, ISO, or similar), including evidence collection and access review programs.
Track record of driving cross-functional initiatives that require influencing without direct authority across security, infrastructure, and engineering organizations.
Strong communication and stakeholder management skills, with the ability to translate security policy into practical operational processes that engineering teams can follow.
BS (or higher) in Computer Science, Information Security, or a related technical field.

Pay Range Transparency

Databricks is committed to fair and equitable compensation practices. The pay range(s) for this role is listed below and represents the expected salary range for non-commissionable roles or on-target earnings for commissionable roles. Actual compensation packages are based on several factors that are unique to each candidate, including but not limited to job-related skills, depth of experience, relevant certifications and training, and specific work location. Based on the factors above, Databricks anticipates utilizing the full width of the range. The total compensation package for this position may also include eligibility for annual performance bonus, equity, and the benefits listed above. For more information regarding which range your location is in visit our page here.

Local Pay Range

$217,100—$298,550 USD

About Databricks

Databricks is the data and AI company. More than 10,000 organizations worldwide — including Comcast, Condé Nast, Grammarly, and over 50% of the Fortune 500 — rely on the Databricks Data Intelligence Platform to unify and democratize data, analytics and AI. Databricks is headquartered in San Francisco, with offices around the globe and was founded by the original creators of Lakehouse, Apache Spark™, Delta Lake and MLflow. To learn more, follow Databricks on Twitter, LinkedIn and Facebook.

**Benefits

**At Databricks, we strive to provide comprehensive benefits and perks that meet the needs of all of our employees. For specific details on the benefits offered in your region click here.

Our Commitment to Diversity and Inclusion

At Databricks, we are committed to fostering a diverse and inclusive culture where everyone can excel. We take great care to ensure that our hiring practices are inclusive and meet equal employment opportunity standards. Individuals looking for employment at Databricks are considered without regard to age, color, disability, ethnicity, family or marital status, gender identity or expression, language, national origin, physical and mental ability, political affiliation, race, religion, sexual orientation, socio-economic status, veteran status, and other protected characteristics.

Compliance

If access to export-controlled technology or source code is required for performance of job duties, it is within Employer's discretion whether to apply for a U.S. government license for such positions, and Employer may decline to proceed with an applicant on this basis alone.