Databricks

Staff Security Software Engineer, AI Security

Databricks · Remote - California

🔥11 people viewed this job

About the Role

RDQ426R108 This role is open to candidates in the US (any location) About the Team The AI Security team at Databricks sits at the frontier of securing the AI/ML services in the Databricks platform. As we ship AI capabilities at the leading edge of the industry, including Agent Bricks, the Genie suite, AI Model Serving, MLflow, and Unity AI Gateway, the AI Security team ensures these systems are designed, built, and operated securely. Our work also extends to securing our own usage of AI: building the right guardrails that enable Databricks employees to innovate and deliver securely. The team combines offensive security depth with AI/ML engineering knowledge to identify novel threats, build scalable defenses, and influence how AI products are architected from the ground up. We lead AI Red Team exercises, build security tooling for AI workloads, and partner directly with AI Product teams to embed security into the development lifecycle. --- The Role As a Staff Security Software Engineer on the AI Security team, you are a senior technical leader who sets the standards for how Databricks secures its AI and ML capabilities. You combine deep offensive security expertise with practical knowledge of AI/ML systems to identify and drive resolution of the most significant security risks in Databricks' AI platform. You lead AI red team engagements against production AI systems, conduct security architecture reviews for complex, multi-system AI features, and build the tooling and frameworks that scale the team's impact. You are a subject matter expert in at least two AI security domains and you operate with significant autonomy- driving cross-team remediation, setting technical standards, and mentoring teammates in both offensive techniques and secure AI design. --- The Impact You Will Have AI Red Team & Adversarial Testing • Lead AI red team engagements against Databricks' production AI systems, including Foundation Model APIs, Genie and natural language query systems, Model Serving infrastructure, MCP-connected agents, and RAG pipelines • Design and execute adversarial attack scenarios: prompt injection, jailbreaking, memory poisoning, cross-tenant data leakage in multi-tenant serving, and sandbox bypasses • Develop proof-of-concept exploits for AI-specific vulnerability classes and perform variant analysis to identify the full scope of exposure across the AI platform • Contribute to the evolution of the Databricks AI Security Framework (DASF), maintaining and extending the risk taxonomy, control library, and testing methodology as AI capabilities evolve AI Product Security & Architecture Reviews • Lead comprehensive security architecture reviews for complex AI features: threat modeling agentic workflows, RAG pipelines, multi-model serving chains, and MCP-based tool integrations • Partner directly with AI and ML engineering teams to identify security risks early in the design process and define practical, scalable controls • Assess and drive resolution of cross-cutting AI security risks: Unity Catalog permission enforcement in AI contexts, inference data isolation, model artifact integrity, fine-tuning pipeline security, and external model API governance via AI Gateway • Identify recurring security patterns across AI features; advocate for class-level architectural fixes rather than feature-by-feature point solutions AI Security Tooling & Automation • Design and build automated AI security testing tooling, including adversarial prompt libraries, agent behavior analysis frameworks, and continuous testing harnesses • Build AI-assisted automation that scales security reviews, threat modeling, and vulnerability triage for AI features • Develop and maintain security guardrails and enforcement mechanisms: LLM-as-judge review, prompt delimiting, output validation, rate limiting, and audit logging Cross-Team Remediation & Standards • Set technical standards for how AI security risks are assessed, prioritized, and remediated across the engineering organization • Drive cross-team remediation for significant AI security findings, defining fix requirements, validating patches, and ensuring regression coverage in CI/CD pipelines • Produce high-quality threat models, security advisories, and post-mortems that inform organizational risk decisions for AI products Mentorship & Community • Mentor engineers on the AI Security team in adversarial ML techniques, AI threat modeling, and security tooling development • Contribute to internal knowledge assets, including training materials, design patterns, and threat model templates, that raise AI security fluency across the engineering organization • Represent Databricks in the external AI security community through publications, conference talks, or open-source contributions --- What We Look For • 7–10 years of combined experience in offensive security, AI/ML security research, or product security engineering, with demonstrated leadership in securing com
Data & AI Platform5000-10000 employeesSan Francisco, CAFounded 2013💰 Series I

Databricks, Inc. is an American software company based in San Francisco. It was founded in 2013 by the original creators of Apache Spark. It offers a cloud-based platform for data analytics and artificial intelligence.

PythonScalaSparkJavaSQL
Remote friendly · Equity · Health insurance

💬 Developer Questions

Ask the team a question — answers show up here

🎯

What does the interview process look like?

🤖

What AI/vibe coding tools does the team use daily?

👥

How big is the engineering team?

Is the team fully async or are there required meetings?

🚀

What does onboarding look like for remote hires?

🔧

Can you share more about the tech stack and architecture?

📈

What does career growth look like in this role?

📅

What does a typical day look like?

💰

Is there a salary range you can share?

📊

Is equity or stock options part of the package?

🌍

Are there timezone requirements or preferences?

🛂

Do you sponsor work visas?

🏢 Is this your listing? Claim it to answer questions

Similar Jobs

Helpful resources

Hiring for a similar role? Post your job here — it's free →