Head of Product Security
Bengaluru, India
Databricks
The Databricks Platform is the world’s first data intelligence platform powered by generative AI. Infuse AI into every facet of your business.RDQ124R86
The Product Security Team's mission is to Left-shift SDLC (Security Development Lifecycle) processes for ALL code written in Databricks (for Customer Use or Supporting Customer internally) to reduce the likelihood of introducing new vulnerabilities in production and minimize the count and effect of externally identified vulnerabilities on Databricks Services.
You will be the first leader on the Product Security team at Databricks India, managing SDLC functions for features and products within Databricks. This would include security design reviews, threat models, manual code reviews, exploit writing and exploit chain creation. You will be a Security Site lead supporting other Security Team members in the APAC region.
The position reports to the Head of Product Security and would be directly responsible for all the Product Security related functions as directly assigned to the team in India. In parallel, the role would be responsible for providing a site leadership to other members of the security organization based in India. While the task and assignments will come from the respective team leaders, this role would have a dotted line reporting from these employees. This role requires the individual to be based in Bengaluru.
The impact you will have:
- Scale the Security org at Databricks India by building an outstanding team , by hiring strong security engineers
- Support security engineers in their career development by providing clear feedback and developing security leaders.
- Ensure high technical standards by instituting processes (security development lifecycle, exploit development, automation, etc) and culture (engineering excellence).
- Work with engineering and product leadership to build a partnership and guide development decisions with bias for security.
- Coordinate execution and collaborate across teams to unblock cross-cutting projects.
What we look for:
- 12+ years of industry experience in the Security domain
- 6+ years of managerial experience, alongside experience in hiring and developing especially senior technical talent in the Security space.
- Solid understanding of product security fundamentals with expertise on Threat Modeling, and a working knowledge of exploit writing.
- Focused on defining and driving efficiencies and improvements within their team
- Strong understanding on two or more of the following domains - Web Security, Cloud Security, Applied Crypto or System Security.
- You will make effective priority decisions on resourcing and alignment within their team
- You define and achieve targets (e.g. OKRs, KPIs) of the team
- Demonstrate leverage by executing through other leaders
- Team player that will work with other departments (Eng, IT, PM, Sales, CS)
Benefits
- Benefits allowance
- Equity awards
- Gym reimbursement
- Annual personal development fund
- Work headphones reimbursement
- Business travel insurance
- Paid Parental Leave
About Databricks
Databricks is the data and AI company. More than 10,000 organizations worldwide — including Comcast, Condé Nast, Grammarly, and over 50% of the Fortune 500 — rely on the Databricks Data Intelligence Platform to unify and democratize data, analytics and AI. Databricks is headquartered in San Francisco, with offices around the globe and was founded by the original creators of Lakehouse, Apache Spark™, Delta Lake and MLflow. To learn more, follow Databricks on Twitter, LinkedIn and Facebook.
Our Commitment to Diversity and Inclusion
At Databricks, we are committed to fostering a diverse and inclusive culture where everyone can excel. We take great care to ensure that our hiring practices are inclusive and meet equal employment opportunity standards. Individuals looking for employment at Databricks are considered without regard to age, color, disability, ethnicity, family or marital status, gender identity or expression, language, national origin, physical and mental ability, political affiliation, race, religion, sexual orientation, socio-economic status, veteran status, and other protected characteristics.
Compliance
If access to export-controlled technology or source code is required for performance of job duties, it is within Employer's discretion whether to apply for a U.S. government license for such positions, and Employer may decline to proceed with an applicant on this basis alone.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Analytics Automation Cloud Compliance Crypto Databricks Exploit KPIs OKR Product security SDLC Vulnerabilities
Perks/benefits: Career development Fitness / gym Insurance Parental leave
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Cloud Security Architect jobs
- Open Product Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Information Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Information Security Officer jobs
- Open Senior Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Chief Information Security Officer jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Ethical hacker / Pentester H/F jobs
- Open IT Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Manager Pentest H/F jobs
- Open Cybersecurity Consultant jobs
- Open Security Operations Analyst jobs
- Open Security Consultant jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Information System Security Officer jobs
- Open Senior Network Security Engineer jobs
- Open CISM-related jobs
- Open C-related jobs
- Open Risk assessment-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Analytics-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open DoD-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open DevOps-related jobs
- Open Splunk-related jobs
- Open IDS-related jobs
- Open APIs-related jobs
- Open IPS-related jobs
- Open Kubernetes-related jobs