RemoteLeaf Logo
Log in Sign up

Staff Product Security Engineer

1 month ago
Netherlands
Full-time
Senior
Application Security Engineer
Cybersecurity
Apache Spark HIPAA Java JavaScript MLflow Python Scala
Apply Now
Databricks

Databricks

Databricks is the pioneering data intelligence platform, empowering organizations worldwide to solve complex data challenges with AI-driven analytics solutions.

IT Services
1K-5K
Founded 2013
$4450M raised
View All Jobs 18

Description

  • Provide full SDLC security support for new product features across ENG and non‑ENG teams, including threat modeling and design reviews.
  • Perform manual code reviews to identify security defects and create exploit chains as needed.
  • Develop and write exploits and exploit chains to validate vulnerabilities and assess risk impact.
  • Support Incident Response (IR) and Vulnerability Response (VRP) efforts when product security incidents or external reports occur.
  • Analyze SAST tool results to triage false positives and file defects for real issues.
  • Develop and maintain DAST tooling and related automation for auto‑assessment and defect filing.
  • Maintain and enhance the automation framework to support security compliance requirements (e.g., FedRAMP, PCI, HIPAA).
  • Help develop and implement security processes to improve the productivity of the product security organization and the SDLC overall.

Requirements

  • 5–10 years of experience with the threat modeling process and ability to find design problems from data‑flow/block diagrams.
  • Strong understanding of at least two domains among Web Security, Cloud Security, Systems Security, and Applied Cryptography.
  • Proficiency with one or more programming languages (Python, Java, Scala, JavaScript) and the ability to read code to identify security defects.
  • Strong scripting and automation skills for exploit development and testing.
  • Exploit writing skills are highly desired and expected for the role.
  • Fuzzing skills are a plus.
  • Experience working with SAST and DAST tools and associated automation for triage and defect filing.
  • Experience supporting Incident Response and Vulnerability Response programs and collaborating with other security teams.
  • Experience maintaining automation to support security compliance frameworks (FedRAMP, PCI, HIPAA) is a plus.

Benefits

  • Comprehensive benefits and perks provided by Databricks; region‑specific details available at https://www.mybenefitsnow.com/databricks.
  • Commitment to diversity and inclusion and equal employment opportunity.
  • Databricks is headquartered in San Francisco with offices worldwide (global company presence).

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Toyota Tsusho Systems

Principal Embedded Software Developer (VSE)

Toyota Tsusho Systems 51-250 IT Services

Principal Software Engineer at Toyota responsible for architecting and delivering secure, mission-critical in-vehicle embedded software and driving production-quality feature implementations.

United States Full-time Lead Application Security Engineer Embedded Systems Engineer
C C++ CI/CD Cybersecurity Embedded Systems Encryption HIPAA OWASP Penetration Testing Rust TLS
1 month ago
Samsara

Senior Security Engineer - Threat Modeling

Samsara 1K-5K IT Services

Senior Security Engineer at Samsara, responsible for leading and owning the company’s threat modeling program and related application/product security efforts to reduce software risk and protect customers while working cross-functionally across engineering, product, and security teams.

United States Full-time Senior Application Security Engineer
$158k-$265k
AWS Go IoT Python
1 month ago
Veeam Software

Senior DevSecOps Engineer

Veeam Software 1K-5K Internet Software & Services

Senior DevSecOps Engineer at Veeam responsible for integrating and operating security controls across the software development lifecycle to embed SAST/SCA and other security tooling into CI/CD pipelines and reduce supply-chain risk.

Portugal Full-time Senior Application Security Engineer DevOps Engineer
Ansible Azure Bash CI/CD CloudFormation DevSecOps Docker Git Helm Jenkins Kubernetes Linux Network Security PowerShell Python TeamCity Terraform YAML
1 month ago
Veeam Software

Cloud Application Security Engineer

Veeam Software 1K-5K Internet Software & Services

Cloud Application Security Engineer at Veeam working to shape and strengthen the security of Veeam products and services to enhance data protection and business resilience.

Portugal Full-time Mid Level Application Security Engineer
Ansible AWS Azure Bash Burp Suite C C# C++ CI/CD Encryption JavaScript Jenkins Penetration Testing PowerShell Python Ruby Terraform
1 month ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers