RDQ126R167
We are looking for experienced Incident Handlers with cross-functional skills, domain expertise and communication skills. Our mission is to respond to security threats, incidents and investigations to protect our customers, employees and enterprise data in a fast, efficient and standardized manner. You will report to the Head of Incident Response in the Security Org. You will be responsible for leading incidents, investigations and security initiatives from postmortems in the EMEA or APAC timezone. You will be a security multiplier and help the team improve security incident handling at Databricks.
The impact you will have:
- You will run Security & Privacy Investigations, which will require you to engage with different stakeholders, communicate investigations to Security leadership, and work towards incident resolution.
- Respond to new incidents as part of a distributed daytime operations and on-call schedule.
- Handle SEV-1s and SEV-0s independently, potentially with leadership support for SEV-0s.
- You can guide investigations with multiple teams across multiple organizations, gaining traction and making tradeoffs to resolve issues.
- You can handle incomplete incident context and choose the best solutions with limited or incomplete information.
- Partner and build relationships with Engineering and Security teams to contain and mitigate risks during incidents.
- Lead blameless incident postmortems and identify root causes, including systemic issues.
- Identify, get commitment for, and follow up on projects identified in the postmortem process.
What we look for:
- Strong oral and written communication skills, customer-centric attitude and ability to work in a culturally diverse environment.
- 5+ years of experience in Incident Management Systems or certifications like CISM, GSEC, CISSP or PMP.
- Program management skills, including prioritization and dealing with ambiguous requirements. You have experience balancing short-term/tactical follow-ups and tracking long-term improvements across multiple teams.
- Experience with technical concepts of cloud security, data ecosystem and the Incident Response process lifecycle.
- Understand industry-wide security terms and models: NIST, ISO/IEC 27001, OWASP, MITRE ATT&CK for Cloud Enterprise.
- Proven ability to build relationships and propel momentum with clients and stakeholders.