Offerte di lavoro
>
Rome

    Sr. Product Security Engineer - Roma, Italia - Databricks Inc.

    Databricks Inc.
    Databricks Inc. Roma, Italia

    3 giorni fa

    Default job background
    Descrizione
    While candidates in the listed location(s) are encouraged for this role, candidates in other locations will be considered.

    The Product Security Team's mission is to Left-shift SDLC (Security Development Lifecycle) processes for ALL code written in Databricks (for Customer Use or Supporting Customer internally) to reduce the likelihood of introducing new vulnerabilities in production and minimize the count and effect of externally identified vulnerabilities on Databricks Services.

    You will be an individual contributor on the product security team at Databricks, manage SDLC functions for features and products within Databricks.

    This would include, but is not limited to, security design reviews, threat models, manual code reviews, exploit writing and exploit chain creation.

    You will also support IR and VRP programs when there is a vulnerability report or a product security incident. You will work with a global team, spread across various locations in the US and EMEA.

    The impact you will have:

    Full SDLC Support for new product features being developed in ENG and non-ENG teams. This would include Threat Modeling, Design Review, Manual Code Review, Exploit writing, etc.
    Work with other security teams to provide support for Incident Response and Vulnerability Response as and when needed.

    Work with the results of SAST tools to help evaluate and identify false positives and file defects for real issues.

    Work on DAST tools and related automation for auto-assessment and defect filing.

    Maintain the automation framework and add new features as needed to support different security compliances that Databricks may want to get into – FedRamp, PCI, HIPPA, etc.

    Prioritize security from a risk management perspective, rather than an absolute textbook version.
    Help develop and implement security processes to improve the overall productivity of the product security organization and the SDLC process in general

    What we look for:


    3+ years of experience with the Threat Modeling process and ability to find design problems based on a block diagram of data flow.

    Solid understanding on at least two of the following domains - Web Security, Cloud Security, Systems Security and Applied Cryptography.

    Strong skills on scripting and automation on exploits
    Fuzzing skills are good to have.
    Exploit writing skills is a positive and greatly required.
    Enhanced Parental Leaves
    Fitness reimbursement
    Home office & work headphones reimbursement
    Employee referral bonus
    Equity awards
    Fitness reimbursement
    Mental wellness resources
    Private Medical Insurance
    Life, accident & disability insurance
    About Databricks
    Databricks is the data and AI company.

    More than 10,000 organizations worldwide — including Comcast, Condé Nast, Grammarly, and over 50% of the Fortune 500 — rely on the Databricks Data Intelligence Platform to unify and democratize data, analytics and AI.

    Databricks is headquartered in San Francisco, with offices around the globe and was founded by the original creators of Lakehouse, Apache Spark, Delta Lake and MLflow.

    To learn more, follow Databricks on Twitter ,LinkedIn and Facebook .
    Our Commitment to Diversity and Inclusion
    At Databricks, we are committed to fostering a diverse and inclusive culture where everyone can excel. We take great care to ensure that our hiring practices are inclusive and meet equal employment opportunity standards.

    Individuals looking for employment at Databricks are considered without regard to age, color, disability, ethnicity, family or marital status, gender identity or expression, language, national origin, physical and mental ability, political affiliation, race, religion, sexual orientation, socio-economic status, veteran status, and other protected characteristics.

    Compliance

    If access to export-controlled technology or source code is required for performance of job duties, it is within Employer's discretion whether to apply for a U.S.

    government license for such positions, and Employer may decline to proceed with an applicant on this basis alone.

    #J-18808-Ljbffr
  • Confidenziale

    Security Engineer

    2 giorni fa

    Confidenziale Lazio, Italia

    ESPRIMO Srl, società di consulenza informatica che opera dal 2002 su tutto il territorio nazionale ed internazionale, a supporto delle imprese, si colloca nel settore dell'Information Technology proponendosi come obiettivo quello di fornire una vasta gamma di prodotti, servizi e ...

  • Experis S.r.l.

    Security Engineer

    1 settimana fa

    Experis S.r.l. Roma, Italia

    Compenso lordo: € € all'anno · Posti disponibili: 1 · Contratto di lavoro: Indeterminato · Descrizione Experis è la società IT & Technology del Gruppo Manpower. Le persone e le loro competenze sono il nostro successo e insieme ci poniamo come partner tecnologici dei nostri client ...

  • Sgb Humangest Holding

    Security Engineer

    1 giorno fa

    Sgb Humangest Holding Lazio, Italia

    SGB Humangest Holding- Divisione ICT, Società specializzata nel settore dell'Information Technology e Digital Transformation, ricerca per importante azienda italiana specializzata in ambito Networking, Cyber Security, Data Center, Cloud:Una figura di SECURITY ENGINEERPrincipali a ...

  • Lantech Solutions

    Security Engineer

    1 giorno fa

    Lantech Solutions Roma, Italia

    Besana in Brianza, Bologna, Milano, Modena, Parma, Reggio Emilia · ll candidato/a sarà inserito nell'organizzazione di post-vendita per attività di consulenza e realizzazione progetti all'interno del Team Security. · Si richiede: Esperienza di 3 anni in ambito Networking e Networ ...

  • Noovle

    Infrastructure Security Engineer

    6 ore fa

    Noovle Rome, Italia

    Infrastructure Security Engineer · Ricerchiamo profili di Infrastructure Security Engineer da inserire nell'ambito della Funzione Security. Tale Funzione assicura il presidio dei processi relativi alla sicurezza fisica e logica, alla Business Continuity, alla prevenzione ed al co ...

  • Transtec Services Srl

    Network Security Engineer

    1 giorno fa

    Transtec Services Srl Roma, Italia

    Transtec Services Srl , società di servizi e consulenza che opera nel settore ICT e dell'Innovazione tecnologica, è alla ricerca di un Network Security Engineer per una delle nostre aziende clienti. · L'attività prevede: · Installazione e manutenzione di LAN, WAN, segmenti di ret ...

  • It Centric S.P.A.

    Middle Network And Security Engineer

    1 giorno fa

    It Centric S.P.A. Lazio, Italia

    Sei un Network and Security Engineer esperto con una passione perla sicurezza informatica e la gestione di reti complesse?Allora questa è l'opportunità che fa per te IT Centric sta cercandoun Middle Network and Security Engineer per unirsi al nostro team dinamico e inrapida cresc ...

  • SGB Humangest Holding

    Pre-sales Engineer Network e Security

    1 giorno fa

    SGB Humangest Holding Rome, Italia

    SGB Humangest Holding- Divisione ICT, Società specializzata nel settore dell'Information Technology e Digital Transformation, ricerca per azienda leader in Italia nell'ambito dei servizi di progettazione, gestione, realizzazione e manutenzione di reti e siti per le telecomunicazi ...

  • IT Centric

    Middle Network and Security Engineer

    6 ore fa

    IT Centric Rome, Italia

    Sei un Network and Security Engineer esperto con una passione perla sicurezza informatica e la gestione di reti complesse? · Allora questa è l'opportunità che fa per te IT Centric sta cercandoun Middle Network and Security Engineer per unirsi al nostro team dinamico e inrapida cr ...

  • It Centric

    Junior Network And Security Engineer

    4 ore fa

    It Centric Lazio, Italia

    IT Centric è un System Integrator innovativo che opera principalmente nelle aree dell'Information Technology, delle Telecomunicazioni e dell'Ingegneria dei Sistemi. Attraverso un team di specialisti in diversi settori di mercato e ambiti tecnologici, l'azienda riesce a seguire i ...

  • Data-sec Gmbh

    It-security engineer

    6 giorni fa

    Data-sec Gmbh Roma, Italia

    IT-Security Engineer (m/f/d) We do infrastructures what many others do not - we make them secure Our consultants create security guidelines, our analysts uncover vulnerabilities and monitor infrastructures and our engineers implement the measures together with our customers. We a ...

  • Hitachi Automotive Systems Americas, Inc.

    Security Engineer

    1 settimana fa

    Hitachi Automotive Systems Americas, Inc. Roma, Italia

    Associate Security Engineer page is loaded Associate Security Engineer Apply locations Naples, Campania, Italy Genoa, Ligura, Italy time type Full time posted on Posted 10 Days Ago job requisition id R Location: · Naples, Campania, Italy Job ID: · R Date Posted: · Company Name: · ...

  • GTT Communications, Inc.

    Security Engineer

    2 giorni fa

    GTT Communications, Inc. Rome, Italia A tempo pieno

    J ob Title: Senior Security Engineer · Location: Italy · About GTT · GTT provides secure global connectivity, improving network performance and agility for your people, places, applications, and clouds. We operate a global Tier 1 internet network and provide a comprehensive suit ...

  • SUSE

    Software Engineer Security

    6 ore fa

    SUSE Rome, Italia A tempo pieno

    JOB DESCRIPTION About Us · Always open. Our code, our culture, our opportunities. Leading open innovation without limits. We are SUSE. · SUSE is a global leader in innovative, reliable and secure enterprise open source solutions, including SUSE Linux Enterprise (SLE), Rancher a ...

  • Mediterranean Shipping Company

    cyber security engineer

    4 ore fa

    Mediterranean Shipping Company Roma, Italia

    CYBER SECURITY ENGINEER - RISK MANAGEMENT You will join the Information Security Risk Management & Compliance team in the Security Architect Division, playing a critical role in identifying, assessing, and mitigating risks associated with the company's IT security posture, in lin ...

  • Bulgari

    System Security Engineer

    1 giorno fa

    Bulgari Roma, Italia

    Bulgari S.p.A., within the Corporate Risk protection department based in Rome, is searching for a Security System Engineer. · The selected candidate will contribute to the strategies and programs defined by the World Wide Risk protection Department, in order to achieve its goals, ...

  • SUSE

    Security Certification Engineer

    1 giorno fa

    SUSE Rome, Italia A tempo pieno

    JOB DESCRIPTION About Us · Always open. Our code, our culture, our opportunities. Leading open innovation without limits. We are SUSE. · SUSE is a global leader in innovative, reliable and secure enterprise open source solutions, including SUSE Linux Enterprise (SLE), Rancher a ...

  • Reply, Inc.

    Security Network Engineer

    3 giorni fa

    Reply, Inc. Lazio, Italia

    Requisition ID10004- Posted -Years of Experience (4)-Technology-Where (1)-JobNet Replyis the Reply Group company with specialized solutions forTelco OperatorsandLarge Enterpriseswith distributed networking. Our mission is to consolidate a distinctive positioning and innovative of ...

  • I3P S.C.P.A.

    Linux Security Engineer

    1 giorno fa

    I3P S.C.P.A. Lazio, Italia

    As Linux Security Engineer within Osmium, you will be part of our agile and international team. You will work in internal product development projects or for different private and public customers.You will play a pivotal role in ensuring the security and integrity of Linux-based ...

  • Mediterranean Shipping Company

    cyber security engineer

    3 giorni fa

    Mediterranean Shipping Company Roma, Italia

    CYBER SECURITY ENGINEER - RISK MANAGEMENT You will join the Information Security Risk Management & Compliance team in the Security Architect Division, playing a critical role in identifying, assessing, and mitigating risks associated with the company's IT security posture, in lin ...