Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead security processes in product development to minimise vulnerabilities and enhance software safety.
- Company: Join Databricks, a leading data and AI company trusted by top global brands.
- Benefits: Enjoy comprehensive benefits, remote work options, and a commitment to diversity and inclusion.
- Why this job: Make a real impact on product security while working with cutting-edge technologies.
- Qualifications: 5-10 years in threat modelling, strong coding skills, and experience in web/cloud security.
- Other info: Dynamic team environment with opportunities for professional growth and innovation.
The predicted salary is between 36000 - 60000 £ per year.
The Product Security Team's mission is to left-shift SDLC (Security Development Lifecycle) processes for ALL code written in Databricks (for Customer Use or Supporting Customer internally) to reduce the likelihood of introducing new vulnerabilities in production and minimise the count and effect of externally identified vulnerabilities on Databricks Services. You will be an individual contributor on the product security team at Databricks, managing SDLC functions for features and products within Databricks. This includes, but is not limited to, security design reviews, threat modeling, manual code reviews, exploit writing and exploit chain creation. You will also support IR and VRP programs when there is a vulnerability report or a product security incident. You will work with a global team, spread across various locations in the US and EMEA.
The Impact You Will Have
- Full SDLC Support for new product features being developed in ENG and non-ENG teams. This includes Threat Modeling, Design Review, Manual Code Review, Exploit writing, etc.
- Collaborate with other security teams to provide support for Incident Response and Vulnerability Response as needed.
- Work with SAST tool results to evaluate and identify false positives and file defects for real issues.
- Work on DAST tools and related automation for auto-assessment and defect filing.
- Maintain the automation framework and add new features to support different security compliances that Databricks may pursue (e.g., FedRamp, PCI, HIPAA).
- Prioritise security from a risk management perspective.
- Help develop and implement security processes to improve the overall productivity of the product security organization and the SDLC process in general.
What We Look For
- 5-10 years experience with the Threat Modeling process and the ability to identify design problems based on a data-flow block diagram.
- Solid understanding in at least two of the following domains: Web Security, Cloud Security, Systems Security and Applied Cryptography.
- Proficient in one or more programming languages (Python/Java/Scala/JavaScript) with ability to read code to identify security defects.
- Strong scripting and automation skills related to exploits.
- Fuzzing skills are a plus.
- Exploit writing skills are highly valued.
About Databricks
Databricks is the data and AI company. More than 10,000 organizations worldwide rely on the Databricks Data Intelligence Platform to unify and democratise data, analytics and AI. Databricks is headquartered in San Francisco, with offices around the globe and was founded by the original creators of Lakehouse, Apache Spark, Delta Lake and MLflow.
Commitment to Diversity and Inclusion
Databricks is committed to fostering a diverse and inclusive culture where everyone can excel. We take great care to ensure that our hiring practices are inclusive and meet equal employment opportunity standards.
Senior Manager, Product Security in London employer: Databricks
Contact Detail:
Databricks Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Senior Manager, Product Security in London
✨Tip Number 1
Network like a pro! Reach out to folks in the industry, especially those already at Databricks. A friendly chat can open doors and give you insider info on what they're really looking for.
✨Tip Number 2
Show off your skills! Prepare a portfolio or case studies that highlight your experience with threat modelling and exploit writing. This will help you stand out during interviews and showcase your expertise.
✨Tip Number 3
Practice makes perfect! Get comfortable with common interview questions related to product security and SDLC processes. Mock interviews with friends or mentors can help you nail your responses.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, it shows you're genuinely interested in joining the Databricks team.
We think you need these skills to ace Senior Manager, Product Security in London
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in product security and SDLC processes. We want to see how your skills align with the job description, so don’t be shy about showcasing your expertise in threat modelling and code reviews!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you’re passionate about product security and how you can contribute to our mission at Databricks. Keep it concise but impactful – we love a good story!
Show Off Your Technical Skills: Since this role requires proficiency in programming languages like Python or Java, make sure to mention any relevant projects or experiences. We’re keen to see how you’ve applied your coding skills to identify security defects or automate processes.
Apply Through Our Website: We encourage you to apply directly through our website for a smoother application process. It’s the best way for us to receive your application and get you into our system quickly. Plus, it shows you’re serious about joining our team!
How to prepare for a job interview at Databricks
✨Know Your SDLC Inside Out
Make sure you understand the Security Development Lifecycle (SDLC) processes thoroughly. Be ready to discuss how you've previously managed security functions in product development, including threat modelling and manual code reviews. This will show that you can hit the ground running.
✨Show Off Your Technical Skills
Brush up on your programming languages, especially Python, Java, or Scala. Be prepared to demonstrate your ability to read and identify security defects in code. You might even want to bring examples of your exploit writing skills to the table.
✨Collaborate Like a Pro
Since you'll be working with global teams, highlight your experience in collaboration. Share examples of how you've worked with other security teams on incident response or vulnerability response. This will showcase your teamwork skills and adaptability.
✨Stay Current with Security Trends
Familiarise yourself with the latest trends in web, cloud, and systems security. Being able to discuss recent vulnerabilities or compliance standards like FedRamp or PCI will demonstrate your commitment to staying informed and proactive in the field.