Job Description
P-1602
About Databricks
At Databricks, we are passionate about enabling data teams to solve the world's toughest problems — from making the next mode of transportation a reality to accelerating the development of medical breakthroughs. We do this by building and running the world's best data and AI infrastructure platform so our customers can use deep data insights to improve their business. Founded by engineers — and customer obsessed — we leap at every opportunity to solve technical challenges, from designing next-gen UI/UX for interfacing with data to scaling our services and infrastructure across millions of virtual machines. And we're only getting started.
The Role
At Databricks, we don’t just use the cloud; we are "cloud maximalists." Unlike most companies that treat multi-cloud as a backup strategy, we run our platform across every region of every major cloud provider (AWS, Azure, and GCP) simultaneously. This creates a massive, high-consequence engineering surface area that requires a unique breed of Production Engineer.
In this role, you won’t just run our cloud environments; you will own and evolve the secure infrastructure, access patterns, and guardrails that keep Databricks’ global platform safe and compliant in production. You will be responsible for the "sovereign layer" of our infrastructure, ensuring that our Data Intelligence Platform operates with 100% reliability and security in highly regulated, air-gapped, and sovereign environments. If you are an engineer who views infrastructure as a software problem and thrives on the complexity of global-scale networking, IAM, and automation, this is your team.
The Impact You’ll Have
Security-Focused Cloud Operations
- Design, automate, and operate the IAM, account/subscription, and project lifecycle across AWS, Azure, and GCP, enforcing least-privilege and standardized access patterns at scale.
- Review, implement, and continuously improve cloud identity and access policies (IAM, Okta, Opal) to align with Databricks security standards and audit requirements.
Production Engineering & Automation
- Build and maintain reliable, observable automation and tooling to apply cloud changes (roles, policies, accounts, networking) safely and repeatedly.
- Treat operational and security issues as software problems: eliminate toil, drive root-cause analysis, and codify fixes into infrastructure and tooling.
Security Data Pipelines & Compliance
- Own and improve security and audit logging data pipelines from cloud providers into our internal systems, ensuring timely, accurate data for detection, investigations, and audits.
- Partner with Security, Compliance, and Audit teams to provide evidence, clarifications, and policy updates that keep our environments aligned with evolving standards.
Regulated & Specialized Environments
- Operate and improve specialized, highly regulated environments (e.g., FedRAMP / GovCloud) including release management, patching cadences, and supporting secure access workflows (e.g., SAW).
- Ensure high availability and resiliency for critical security and access infrastructure across these environments.
On-Call & Incident Response
- Participate in a 24x7 on-call rotation for high-severity incidents impacting cloud accounts, IAM, or security data pipelines.
- Act as a key partner to product engineering, security engineering, and field teams during incidents to restore service and harden systems for the future.
What We Look For
- Required: Candidates must be eligible for a Top Secret / Sensitive Compartmented Information (TS/SCI) security clearance.
- Nice to have: Possession of a current polygraph (Counterintelligence or Full Scope) is highly desired and considered a significant plus.
- Education- BS, MS, or PhD in Computer Science, Engineering, or a related technical field, or equivalent practical experience.
- Experience: 5+ years of experience in production engineering, SRE, security engineering, or cloud infrastructure roles.
- Cloud & Infrastructure Expertise
- Deep hands-on experience with at least one major cloud provider (AWS, Azure, or GCP) in areas such as IAM, networking, accounts/subscriptions/projects, and audit logging.
- Strong background in Infrastructure-as-Code and automation (e.g., Terraform, CloudFormation, or similar) and CI/CD for infrastructure changes.
- Security & Compliance Mindset
- Proven experience working in or with security-sensitive or regulated environments (e.g., SOC2, FedRAMP, ISO 27001, financial services, public sector) and translating requirements into concrete technical controls.
- Familiarity with access review processes, policy baselines, and audit evidence for cloud environment.
- Operational Excellence
- Demonstrated success running high-availability, security-critical services, including on-call responsibilities and incident management.
- Strong debugging and problem-solving skills across distributed systems, with the ability to navigate ambiguous issues spanning multiple teams and platforms.
Bonus
- Experience with Okta, Opal, or similar identity/access tooling.
- Background operating secure admin workstations (SAW) or comparable hardened access patterns.
- Experience migrating cloud accounts or subscriptions during M&A or large-scale reorganizations.
Pay Range Transparency
Databricks is committed to fair and equitable compensation practices. The pay range(s) for this role is listed below and represents the expected salary range for non-commissionable roles or on-target earnings for commissionable roles. Actual compensation packages are based on several factors that are unique to each candidate, including but not limited to job-related skills, depth of experience, relevant certifications and training, and specific work location. Based on the factors above, Databricks anticipates utilizing the full width of the range. The total compensation package for this position may also include eligibility for annual performance bonus, equity, and the benefits listed above. For more information regarding which range your location is in visit our page here.
About Databricks
Databricks is the data and AI company. More than 10,000 organizations worldwide — including Comcast, Condé Nast, Grammarly, and over 50% of the Fortune 500 — rely on the Databricks Data Intelligence Platform to unify and democratize data, analytics and AI. Databricks is headquartered in San Francisco, with offices around the globe and was founded by the original creators of Lakehouse, Apache Spark™, Delta Lake and MLflow. To learn more, follow Databricks on Twitter, LinkedIn and Facebook.
Benefits
At Databricks, we strive to provide comprehensive benefits and perks that meet the needs of all of our employees. For specific details on the benefits offered in your region click here.
Our Commitment to Diversity and Inclusion
At Databricks, we are committed to fostering a diverse and inclusive culture where everyone can excel. We take great care to ensure that our hiring practices are inclusive and meet equal employment opportunity standards. Individuals looking for employment at Databricks are considered without regard to age, color, disability, ethnicity, family or marital status, gender identity or expression, language, national origin, physical and mental ability, political affiliation, race, religion, sexual orientation, socio-economic status, veteran status, and other protected characteristics.
Compliance
If access to export-controlled technology or source code is required for performance of job duties, it is within Employer's discretion whether to apply for a U.S. government license for such positions, and Employer may decline to proceed with an applicant on this basis alone.
Don't have an account? Register