The company is looking to safeguard its products, cloud infrastructure, endpoints, and employees from modern cyber threats.
Requirements
- Expertise in securing and operating at least one major cloud environment (AWS, Azure, GCP).
- Strong technical proficiency in key areas such as network security, cloud security, application/log analysis, and endpoint security.
- Proven experience in Python, Git/GitHub, and CI/CD automation (Terraform knowledge is a plus).
- Familiarity with distributed computing environments (e.g., PySpark), SQL, data analysis tools, and machine learning.
- Experience with Spark, Python, and other cutting-edge technologies.
- Knowledge of novel data sources, new attack vectors, and detection models.
- Experience with the detection-as-code model and with building detections on the Databricks platform.
Responsibilities
- Design and implement advanced detection strategies by deeply understanding and analyzing new or unknown log sources, schemas, and raw data.
- Collaborate with cross-functional teams, including data engineering, to build efficient log ingestion pipelines and support large-scale data analytics.
- Engineer and deploy detection solutions on Databricks using Spark, Python, and other cutting-edge technologies with a strong emphasis on clean code, rigorous testing, and comprehensive documentation.
- Develop rule-based and/or ML-based intrusion detection models and integrate them with the Databricks platform, ensuring high accuracy and minimal false positives.
- Partner with Incident Response teams to perform threat hunting and to provide detailed logging, alerts, and playbooks, empowering proactive threat detection and response.
- Influence the development of long-term technology strategies and roadmaps for detection engineering, ensuring alignment with broader business and security goals.
- Represent Databricks at security and engineering conferences, presenting novel detection approaches and thought leadership within the security community.
Other
- 10+ years of relevant experience, or an advanced degree plus 7 years of experience, with a focus on security detection engineering.
- 6+ years of software engineering experience, with 4+ years specifically in security-related engineering, particularly in detection engineering.
- Excellent communication skills, with the ability to collaborate effectively across teams and present complex ideas clearly to stakeholders at all levels.
- A leadership mindset with the ability to mentor peers, drive strategic initiatives, and influence the organization’s security direction.
- Ability to work autonomously and take ownership of large projects.