Staff Security Assurance Engineer

RDQ426R601

Staff Security Assurance Engineer (US)

To comply with U.S. federal government requirements U.S. Citizenship is required for this position

Job Description

The Databricks Security Assurance Team ensures that Databricks achieves and maintains critical third-party certifications helping secure our operations and instill confidence in customers. As a Staff Security Assurance Engineer you will lead efforts to obtain and sustain certifications such as SOC 2 HIPAA and ISO 27001 for Databricks new acquisitions from end to end. You will be an individual contributor reporting to the Sr. Manager of the Security Assurance Team.

This is a work opportunity within the following geographic region:

• California US

The impact you will have:

• Drive certification success by leading and managing SOC 2 HIPAA and ISO 27001 certification efforts for Databricks new acquisitions ensuring seamless integration into the existing compliance programs.
• Enable new business by conducting and supporting gap assessments of new security compliance requirements.
• Ensure audit readiness and security compliance across the organization by working cross-functionally with other teams such as Engineering IT Legal and HR.
• Support broader certifications and assurance efforts contributing to the Security Assurance Teams portfolio of certifications reports and customer deliverables as needed.
• Develop and maintain strong relationships with external auditors and certification bodies to facilitate smooth audit processes.

What we look for:

We are looking for a professional with the following qualifications and practical experience:

• Bachelors degree in Computer Science Information Security or related field or equivalent experience.
• 8 years of security experience with at least 5 years of that in security compliance management and audits.
• US citizenship.
• Experience leading achieving and maintaining SOC2 HIPAA and/or ISO 27001 certifications.
• Experience managing security audits from end to end including planning evidence collection stakeholder coordination and auditor engagement.
• Experience improving security compliance or security audit programs through process standardization automation and effective tooling.
• A comprehensive understanding of security controls across all domains.
• A general understanding of key technical security controls in cloud environments (AWS Azure GCP).
• Experience working effectively across the spectrum of individual contributors and senior leadership within an organization (for example Engineering IT Security Legal etc.).
• Experience leading and managing compliance tooling and automation initiatives.
• Experience with developing or scripting GRC tools and automation workflows to improve efficiency and streamline compliance operations will be a plus.

Required Experience:

Staff IC