We are seeking a skilled Databricks Security/Compliance Engineer to join our team, responsible for ensuring the security and regulatory compliance of our Azure Databricks and Delta Lake platforms. The ideal candidate will have strong expertise in Databricks/Azure administration and a deep understanding of implementing and maintaining security controls across data ingestion and orchestration platforms. Key responsibilities include implementing robust security controls such as access controls, encryption, and network security; conducting regular risk assessments and managing vulnerabilities; and ensuring compliance with industry standards and regulations like SOX, GDPR, and HIPAA. The role also involves collaborating with incident response teams to address security incidents, participating in security audits and assessments, and developing security awareness and training programs. Additionally, the engineer will maintain comprehensive documentation and reporting, contribute to the organization's security strategy, and stay informed on emerging threats and technologies to recommend proactive improvements. Regular participation in security and SOX compliance audits is essential, ensuring ongoing enhancement of our security posture.
Responsibilities:
- Security Controls Implementation:
- Implement and maintain security controls across Azure Databricks/Delta Lake platform and data ingestion and orchestration platforms, including access controls, encryption, network security, and vulnerability management.
- Compliance Management:
- Monitor and ensure compliance with relevant industry standards, regulations (e.g., SOX, GDPR, HIPAA), and internal security policies.
- Risk Assessment:
- Conduct risk assessments on Azure cloud data platforms to identify potential vulnerabilities and threats. Provide recommendations and implement remediation measures to mitigate risks.
- Incident Response:
- Collaborate with incident response teams to investigate and respond to security incidents related to data platforms. Develop incident response plans and participate in incident response exercises.
- Security Audits and Assessments:
- Participate in security audits and assessments to evaluate the effectiveness of security controls and identify areas for improvement. Address findings and implement necessary changes. Work with internal and external auditors to provide evidence required for audit and compliance.
- Security Awareness and Training:
- Develop and deliver security awareness and training programs to educate employees on Azure cloud data platform security best practices.
- Documentation and Reporting:
- Maintain accurate documentation of security controls, policies, and procedures. Generate reports on security metrics, compliance status, and incidents for management and stakeholders.
- Security Strategy:
- Contribute to the development and execution of the organization's data platform security strategy. Stay updated on emerging threats and security technologies to recommend improvements.
- Regular Security Audits:
- Conduct regular security audits and participate in SOX compliance audits, providing reports and recommendations for enhancements.
Qualifications: Bachelor's Degree
Required Skills:
- Experience: 9+ years
- Databricks/Azure admin
- Remote opportunity