Federal Senior Security Assurance Engineer

RDQ127R265

The Databricks Security Assurance Team enables Databricks to achieve and maintain third party certifications, helping secure our operations and instill confidence in customers. As a Senior Security Assurance Engineer, you will help lead compliance certification efforts for the U.S. Federal Government such as FedRAMP, DISA CC SRG, etc.

You will be an individual contributor reporting to the Sr. Manager of the Security Assurance Team.

The impact you will have: 

• Develop Databricks ATO packages.
• Ensure audit readiness and security compliance across the organization by working cross-functionally with other teams such as Engineering, IT, and HR.
• Collect and manage evidence for audits.
• Lead continuous monitoring and authorizations.
• Support other Security Assurance Team certifications, reports, and activities as needed.
• Support security compliance reviews of new features.
• Build relationships with other Databricks teams to accomplish Security Assurance goals.
• Develop and maintain strong relationships with external auditors and certification bodies to facilitate smooth audit processes.

What we look for:

• Bachelor's degree in Computer Science or related field, or equivalent experience.
• 5+ years of security compliance or audit related experience.
• FedRAMP and/or DISA SRG auditing (3PAO) or implementation (CSP) experience.
• NIST 800-53 and RMF experience.
• A comprehensive understanding of security controls across all domains.
• A general understanding of key technical security controls in cloud environments (AWS, Azure, GCP).
• Strong written and verbal communication skills.
• Experience working effectively across the spectrum of individual contributors and senior leadership within an organization (for example, Engineering IT, Security, etc.).
• Nice-to-have: Active U.S. Government Top Secret/Secret Compartmentalized Information (TS/SCI) clearance with full scope polygraph.