Staff Production Engineer- Public Sector
Databricks Inc., Virginia, MN, United States
At Databricks, we are passionate about enabling data teams to solve the world's toughest problems — from making the next mode of transportation a reality to accelerating the development of medical breakthroughs. We do this by building and running the world's best data and AI infrastructure platform so our customers can use deep data insights to improve their business. Founded by engineers — and customer obsessed — we leap at every opportunity to solve technical challenges, from designing next-gen UI/UX for interfacing with data to scaling our services and infrastructure across millions of virtual machines. And we're only getting started.
The Role
At Databricks, we don't just use the cloud; we are "cloud maximalists." Unlike most companies that treat multi-cloud as a backup strategy, we run our platform across every region of every major cloud provider (AWS, Azure, and GCP) simultaneously. This creates a massive, high-consequence engineering surface area that requires a unique breed of Production Engineer.
In this role, you won't just run our cloud environments; you will own and evolve the secure infrastructure, access patterns, and guardrails that keep Databricks' global platform safe and compliant in production. You will be responsible for the "sovereign layer" of our infrastructure, ensuring that our Data Intelligence Platform operates with 100% reliability and security in highly regulated, air-gapped, and sovereign environments. If you are an engineer who views infrastructure as a software problem and thrives on the complexity of global-scale networking, IAM, and automation, this is your team.
The Impact You’ll Have
Security-Focused Cloud Operations
Design, automate, and operate the
IAM, account/subscription, and project lifecycle
across AWS, Azure, and GCP, enforcing least-privilege and standardized access patterns at scale.
Review, implement, and continuously improve
cloud identity and access policies
(IAM, Okta, Opal) to align with Databricks security standards and audit requirements.
Production Engineering & Automation
Build and maintain
reliable, observable automation and tooling
to apply cloud changes (roles, policies, accounts, networking) safely and repeatedly.
Treat operational and security issues as
software problems : eliminate toil, drive root-cause analysis, and codify fixes into infrastructure and tooling.
Security Data Pipelines & Compliance
Own and improve
security and audit logging data pipelines
from cloud providers into our internal systems, ensuring timely, accurate data for detection, investigations, and audits.
Partner with Security, Compliance, and Audit teams to provide
evidence, clarifications, and policy updates
that keep our environments aligned with evolving standards.
Regulated & Specialized Environments
Operate and improve
specialized, highly regulated environments
(e.g., FedRAMP / GovCloud) including release management, patching cadences, and supporting secure access workflows (e.g., SAW).
Ensure high availability and resiliency for critical security and access infrastructure across these environments.
On-Call & Incident Response
Participate in a
24x7 on-call rotation
for high-severity incidents impacting cloud accounts, IAM, or security data pipelines.
Act as a key partner to product engineering, security engineering, and field teams during incidents to restore service and harden systems for the future.
What We Look For
Required:
Candidates must be
eligible
for a
Top Secret / Sensitive Compartmented Information (TS/SCI)
security clearance.
Nice to have:
Possession of a current
polygraph
(Counterintelligence or Full Scope) is highly desired and considered a significant plus.
Education- BS, MS, or PhD in Computer Science, Engineering, or a related technical field, or equivalent practical experience.
Experience
Staff:
8+ years of experience operating and automating large-scale cloud environments, with a track record of driving cross-team infrastructure improvement.
Deep hands‑on experience with at least one major cloud provider ( AWS, Azure, or GCP ) in areas such as IAM, networking, accounts/subscriptions/projects, and audit logging.
Strong background in Infrastructure-as-Code and automation
(e.g., Terraform, CloudFormation, or similar) and CI/CD for infrastructure changes.
Security & Compliance Mindset
Proven experience working in or with
security-sensitive or regulated environments
(e.g., SOC2, FedRAMP, ISO 27001, financial services, public sector) and translating requirements into concrete technical controls.
Familiarity with
access review processes, policy baselines, and audit evidence
for cloud environments.
Operational Excellence
Demonstrated success running
high-availability, security-critical services , including on-call responsibilities and incident management.
Strong debugging and problem-solving skills across distributed systems, with the ability to navigate ambiguous issues spanning multiple teams and platforms.
Bonus
Experience with
Okta, Opal, or similar identity/access tooling .
Background operating secure admin workstations (SAW) or comparable hardened access patterns.
Experience migrating cloud accounts or subscriptions during
M&A or large-scale reorganizations .
Local Pay Range
$162,000 — $222,750 USD
Our Commitment to Diversity and Inclusion
At Databricks, we are committed to fostering a diverse and inclusive culture where everyone can excel. We take great care to ensure that our hiring practices are inclusive and meet equal employment opportunity standards. Individuals looking for employment at Databricks are considered without regard to age, color, disability, ethnicity, family or marital status, gender identity or expression, language, national origin, physical and mental ability, political affiliation, race, religion, sexual orientation, socio-economic status, veteran status, and other protected characteristics.
Compliance
If access to export-controlled technology or source code is required for performance of job duties, it is within Employer's discretion whether to apply for a U.S. government license for such positions, and Employer may decline to proceed with an applicant on this basis alone.
#J-18808-Ljbffr
The Role
At Databricks, we don't just use the cloud; we are "cloud maximalists." Unlike most companies that treat multi-cloud as a backup strategy, we run our platform across every region of every major cloud provider (AWS, Azure, and GCP) simultaneously. This creates a massive, high-consequence engineering surface area that requires a unique breed of Production Engineer.
In this role, you won't just run our cloud environments; you will own and evolve the secure infrastructure, access patterns, and guardrails that keep Databricks' global platform safe and compliant in production. You will be responsible for the "sovereign layer" of our infrastructure, ensuring that our Data Intelligence Platform operates with 100% reliability and security in highly regulated, air-gapped, and sovereign environments. If you are an engineer who views infrastructure as a software problem and thrives on the complexity of global-scale networking, IAM, and automation, this is your team.
The Impact You’ll Have
Security-Focused Cloud Operations
Design, automate, and operate the
IAM, account/subscription, and project lifecycle
across AWS, Azure, and GCP, enforcing least-privilege and standardized access patterns at scale.
Review, implement, and continuously improve
cloud identity and access policies
(IAM, Okta, Opal) to align with Databricks security standards and audit requirements.
Production Engineering & Automation
Build and maintain
reliable, observable automation and tooling
to apply cloud changes (roles, policies, accounts, networking) safely and repeatedly.
Treat operational and security issues as
software problems : eliminate toil, drive root-cause analysis, and codify fixes into infrastructure and tooling.
Security Data Pipelines & Compliance
Own and improve
security and audit logging data pipelines
from cloud providers into our internal systems, ensuring timely, accurate data for detection, investigations, and audits.
Partner with Security, Compliance, and Audit teams to provide
evidence, clarifications, and policy updates
that keep our environments aligned with evolving standards.
Regulated & Specialized Environments
Operate and improve
specialized, highly regulated environments
(e.g., FedRAMP / GovCloud) including release management, patching cadences, and supporting secure access workflows (e.g., SAW).
Ensure high availability and resiliency for critical security and access infrastructure across these environments.
On-Call & Incident Response
Participate in a
24x7 on-call rotation
for high-severity incidents impacting cloud accounts, IAM, or security data pipelines.
Act as a key partner to product engineering, security engineering, and field teams during incidents to restore service and harden systems for the future.
What We Look For
Required:
Candidates must be
eligible
for a
Top Secret / Sensitive Compartmented Information (TS/SCI)
security clearance.
Nice to have:
Possession of a current
polygraph
(Counterintelligence or Full Scope) is highly desired and considered a significant plus.
Education- BS, MS, or PhD in Computer Science, Engineering, or a related technical field, or equivalent practical experience.
Experience
Staff:
8+ years of experience operating and automating large-scale cloud environments, with a track record of driving cross-team infrastructure improvement.
Deep hands‑on experience with at least one major cloud provider ( AWS, Azure, or GCP ) in areas such as IAM, networking, accounts/subscriptions/projects, and audit logging.
Strong background in Infrastructure-as-Code and automation
(e.g., Terraform, CloudFormation, or similar) and CI/CD for infrastructure changes.
Security & Compliance Mindset
Proven experience working in or with
security-sensitive or regulated environments
(e.g., SOC2, FedRAMP, ISO 27001, financial services, public sector) and translating requirements into concrete technical controls.
Familiarity with
access review processes, policy baselines, and audit evidence
for cloud environments.
Operational Excellence
Demonstrated success running
high-availability, security-critical services , including on-call responsibilities and incident management.
Strong debugging and problem-solving skills across distributed systems, with the ability to navigate ambiguous issues spanning multiple teams and platforms.
Bonus
Experience with
Okta, Opal, or similar identity/access tooling .
Background operating secure admin workstations (SAW) or comparable hardened access patterns.
Experience migrating cloud accounts or subscriptions during
M&A or large-scale reorganizations .
Local Pay Range
$162,000 — $222,750 USD
Our Commitment to Diversity and Inclusion
At Databricks, we are committed to fostering a diverse and inclusive culture where everyone can excel. We take great care to ensure that our hiring practices are inclusive and meet equal employment opportunity standards. Individuals looking for employment at Databricks are considered without regard to age, color, disability, ethnicity, family or marital status, gender identity or expression, language, national origin, physical and mental ability, political affiliation, race, religion, sexual orientation, socio-economic status, veteran status, and other protected characteristics.
Compliance
If access to export-controlled technology or source code is required for performance of job duties, it is within Employer's discretion whether to apply for a U.S. government license for such positions, and Employer may decline to proceed with an applicant on this basis alone.
#J-18808-Ljbffr