Sr Security Engineer, Incident Response
WFA Digital Insight
The remote job market for security professionals has seen significant growth, with demand for incident response specialists increasing by over 20% in the past year. This role at Databricks stands out due to its focus on using AI and agentic capabilities to enhance security incident response. With the rise of cloud security, having expertise in AWS, GCP, or Azure is crucial. Candidates should be prepared to showcase their technical skills and experience in handling high-priority alerts and contributing to automations. Before applying, consider the importance of broad security subject matter expertise and the ability to communicate technical decisions effectively.
Job Description
About the Role
The Incident Response team at Databricks is on a mission to protect customers, employees, and enterprise data from security threats. As a Sr Security Engineer, you will be a key player in responding to security incidents, conducting analysis and forensics, and contributing to automations. You will work closely with the regional IR manager and be part of a tight-knit team that values collaboration and innovation. The team's goal is to respond to security threats in a fast, efficient, and standardized manner, leveraging Databricks' own platform to create near-real-time log analytics, alerting, and forensics.Databricks is the data and AI company, and its platform is used by over 10,000 organizations worldwide. The company is committed to fostering a diverse and inclusive culture, and it takes great care to ensure that its hiring practices meet equal employment opportunity standards.
What You Will Do
- Respond to high-priority alerts and incidents as part of a distributed 24x7 operations and on-call schedule
- Triage and respond to security events and alerts, ensuring quick and effective containment
- Conduct security investigations, analyzing and conducting forensics across a range of data sources to determine the timeline and impact of security events
- Build automations, including leveraging AI and agentic platforms, to deliver autonomous capabilities and scale the impact of the team
- Communicate technical decisions through design docs and tech talks
- Mentor junior security responders via security guidance, design reviews, and code reviews
- Collaborate with the team to develop and implement security incident response plans and procedures
- Stay up-to-date with the latest security threats and trends, and apply that knowledge to improve the team's response capabilities
- Participate in on-call rotations and be available to respond to incidents outside of regular working hours
- Develop and maintain documentation of security incident response processes and procedures
What We Are Looking For
- Bachelor's Degree and 4+ years of experience in Incident Response work, or Master's Degree and 2+ years of experience
- Strong cloud security background in at least one of AWS, GCP, or Azure, and working knowledge of the others
- Knowledge of AI/LLM and agentic capabilities, including effective prompting and use of MCP, agents, and agent skills
- Prefer experience with building and operating agentic systems in a security setting
- Broad security subject matter expertise
- Expertise in a few core IR skills, such as DFIR, Reverse Engineering, Traditional Network Security, Storage and Access Security, Sandboxing, Compute Security, etc.
- Experience with Enterprise Security and SaaS applications
- Working knowledge of a SIEM and SOAR
- Experience building Incident Response Tooling and scripting language skills
Nice to Have
- Experience with Excel and data analysis
- Certification in a security-related field, such as CISSP or CEH
- Experience with cloud security architecture and design
Benefits and Perks
- Comprehensive benefits package, including health, dental, and vision insurance
- 401(k) or similar retirement plan
- Generous PTO and holiday schedule
- Remote work stipend and equipment allowance
- Opportunities for professional development and growth
- Collaborative and dynamic work environment
- Access to cutting-edge technologies and tools
How to Stand Out
- Make sure to highlight your experience with cloud security and incident response in your resume and cover letter.
- Be prepared to talk about your experience with AI and agentic capabilities, and how you've applied them in previous roles.
- Showcase your broad security subject matter expertise and ability to communicate technical decisions effectively.
- Consider obtaining a certification in a security-related field to enhance your application.
- Be prepared to discuss your experience with automation and scripting languages, and how you've used them to improve incident response capabilities.
- Research Databricks' culture and values, and be prepared to talk about how you align with them.
- Practice your response to common incident response scenarios, and be prepared to walk the interviewer through your thought process and decision-making.
This is a remote position listed on WFA Digital, the platform for professionals who work from anywhere. Browse more remote jobs across all categories.