DatabricksStaff Security Engineer
Lead and manage HITRUST certification for Databricks, ensuring audit readiness and security compliance across the organization.
The Databricks Security Assurance Team enables Databricks to achieve and maintain third party certifications, helping secure our operations and instill confidence in customers. As a Staff Security Assurance Engineer, you will help lead compliance certification efforts for HITRUST as well as work on other projects such as C5, TISAX, DORA, or ECC/CCC. You will be an individual contributor reporting to the Sr. Manager of the Security Assurance Team.
This is a work opportunity within the following geographic region:
- Singapore
The impact you will have:
- Lead and manage HITRUST certification for Databricks.
- Enable Databricks to expand and strengthen its presence in highly regulated markets, including Germany and Europe by using your experience to support Databricks’ C5, TISAX, DORA, and ECC/CCC compliance efforts.
- Enable new business by supporting gap assessments of new security compliance requirements.
- Ensure audit readiness and security compliance across the organization by working cross-functionally with other teams such as Engineering, IT, Legal, and HR.
- Support other Security Assurance Team certifications, reports, and activities as needed.
- Support security compliance reviews of new features.
- Develop and maintain strong relationships with external auditors and certification bodies to facilitate smooth audit processes.
What we look for:
We are looking for a professional with the following skills and practical experience in:
- Bachelor's degree in Computer Science or related field, or equivalent experience.
- 8+ years of security experience with at least 4 years of that in security compliance or security audits.
- Experience leading, achieving, and maintaining HITRUST certification.
- Experience leading, achieving, and maintaining C5, TISAX, DORA, or CCC compliance.
- Experience managing security audits.
- Experience improving security compliance or security audit programs.
- A comprehensive understanding of security controls across all domains.
- A general understanding of key technical security controls in cloud environments (AWS, Azure, GCP).
- Experience working effectively across the spectrum of individual contributors and senior leadership within an organization (for example, Engineering, IT, Security, etc.).