Sr Security Assurance Engineer - Third Party Risk Management

RDQ326R19

The Databricks Security Assurance Team enables Databricks to achieve third party certifications and to manage third-party security risk in order to help secure Databricks and provide confidence to customers. As a Sr. Security Assurance Engineer with a focus on third party risk management you will be responsible for operating supporting and maturing the third-party risk management program at Databricks. You will be an individual contributor reporting to the Senior Director of Security Assurance.

This is a work opportunity within India.

The impact you will have:

• Help run and mature the Security Assurance Team’s third-party risk management program at Databricks.

• Evaluate the security program maturity security controls and security documentation of Databricks third-parties by performing security assessments and audits.

• Help maintain third-party risk management assessment procedures and related documentation.

• Support third-party risk management program metrics.

What we look for:

We are looking for a professional with the following skills and practical experience in:

• Bachelor's degree in Computer Science or related field or equivalent experience.

• 7+ years of security experience with at least 3 years of that in third-party risk management including performing security reviews.

• Experience operating and improving third-party risk management programs.

• A comprehensive understanding of security controls across all domains.

• A general understanding of key technical security controls.

• Familiarity with vendor security questionnaires for third party assessments.

• Experience working effectively with other enterprise teams such as IT and Legal.

• Experience working with internal Legal teams regarding security language in vendor contracts.

• Experience with Jira is preferred.

• Security related certifications such as CISSP is preferred.