RDQ227R1176

While candidates in the listed location(s) are encouraged for this role, candidates in other locations (US based) will be considered.

Mission

Databricks is hiring an L5 Enterprise Security Engineer to expand Enterprise Security coverage across a rapidly evolving enterprise environment. This role will focus on securing enterprise applications, cross-system integrations, data flows, and emerging AI-adjacent use cases. The scope includes modern access patterns such as MCP, integration, and trust boundary security, and broader security engineering support across enterprise platforms and services. This engineer will help identify risk, define practical security requirements, and improve security outcomes through strong technical judgment and cross-functional partnership.

Opportunity

This role sits at the intersection of enterprise architecture, security engineering, and business enablement. The engineer will review new technologies, integrations, and workflows with an emphasis on secure design, authentication and authorization, data handling, logging, third-party connectivity, API and token security, and operational resilience. The role partners closely with IT, Engineering, Legal, Privacy, Procurement, and business stakeholders to surface risk early, set clear requirements, and support scalable adoption of secure patterns. This is a strong opportunity to help shape how Enterprise Security supports SaaS, internal platforms, automation, and AI-connected systems as the environment continues to grow in complexity.

Requirements: 

• 7+ years of experience in security engineering, enterprise security, application security, cloud security, or a related field.
• Experience conducting security design or architecture reviews for enterprise applications, SaaS platforms, integrations, or internally developed systems.
• Strong understanding of authentication, authorization, SSO, federation, SCIM, API security, token handling, secrets management, and least privilege design
• Experience assessing data flows, third-party integrations, trust boundaries, logging and monitoring, and security controls across interconnected systems.
• Ability to evaluate risk in modern enterprise environments, including automation platforms, AI-adjacent workflows, and emerging integration patterns such as MCP.
• Strong written and verbal communication skills, including the ability to translate technical risk into clear requirements and actionable guidance.
• Experience driving security outcomes through engineering judgment, influence, and scalable process improvement.
• Familiarity with cloud platforms, enterprise identity systems, and core control domains such as audit logging, encryption, access control, data retention, and incident response.

Outcomes

• OUTCOME 1: Strengthen security practices across enterprise application and integration reviews by identifying key risks early, improving requirement quality, and helping teams address security issues earlier in the lifecycle.
• OUTCOME 2:  Strengthen Enterprise Security’s capability to assess and guide AI-adjacent security, MCP and integration security, and cross-system data flow risk, while improving the consistency and scale of security reviews.