As part of the Security Detection team at Databricks, you will play a critical role in safeguarding our products, cloud infrastructure, endpoints, and employees from modern cyber threats. Our team combines deep expertise in machine learning, log analysis, cybersecurity, and software development to create a robust and scalable detection platform. Embracing the "Detection-as-Code" model, we build detections on our own Databricks platform, ensuring that our security measures are deeply integrated with our technology stack
In this role, you will work with cutting-edge machine learning techniques to design and implement scalable intrusion detection solutions at the enterprise level. You'll partner with our product and data engineering teams to optimize log ingestion pipelines, fuse diverse log sources, and develop anomaly-based and ML-driven detection strategies. You will be instrumental in enhancing the organization's threat detection capabilities by utilizing novel data sources, exploring new attack vectors, and refining our detection models
You will be an individual contributor on the Security Detection team at Databricks, reporting to the Sr Manager of Detection Engineering
Key Responsibilities: Design and implement advanced detection strategies by deeply understanding and analyzing new or unknown log sources, schemas, and raw data
Collaborate with cross-functional teams, including product and data engineering teams, to build efficient log ingestion pipelines and support large-scale data analytics
Engineer and deploy detection solutions on Databricks using Spark, Python, and other cutting-edge technologies with a strong emphasis on clean code, rigorous testing, and comprehensive documentation
Develop Rule-based and/or ML-based intrusion detection models and integrate them with Databricks' platform, ensuring high accuracy and minimal false positives
Partner with Incident Response teams to perform threat hunting and to provide detailed logging, alerts, and playbooks, empowering proactive threat detection and response
Influence the development of long-term technology strategies and roadmaps for detection engineering, ensuring alignment with broader business and security goals
Represent Databricks at security and engineering conferences, presenting novel detection approaches and thought leadership within the security community
What we look for: 10+ years of relevant experience or advanced degree + 7 years of experience, with a focus on security detection engineering
6+ years of software engineering experience, with 4+ years specifically in security-related engineering, particularly in detection engineering
Expertise in securing and operating at least one major cloud environment (AWS, Azure, GCP)
Strong technical proficiency in key areas such as network security,