{"version":"0.1","company":{"name":"YubHub","url":"https://yubhub.co","jobsUrl":"https://yubhub.co/jobs/skill/cloud-iam"},"x-facet":{"type":"skill","slug":"cloud-iam","display":"Cloud Iam","count":1},"x-feed-size-limit":100,"x-feed-sort":"enriched_at desc","x-feed-notice":"This feed contains at most 100 jobs (the most recently enriched). For the full corpus, use the paginated /stats/by-facet endpoint or /search.","x-generator":"yubhub-xml-generator","x-rights":"Free to redistribute with attribution: \"Data by YubHub (https://yubhub.co)\"","x-schema":"Each entry in `jobs` follows https://schema.org/JobPosting. YubHub-native raw fields carry `x-` prefix.","jobs":[{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_791144c2-47c"},"title":"Sr Staff Production Engineer- Public Sector","description":"<p>At Databricks, we are looking for a Sr Staff Production Engineer- Public Sector to join our team. In this role, you will own and evolve the secure infrastructure, access patterns, and guardrails that keep Databricks&#39; global platform safe and compliant in production. You will be responsible for the &#39;sovereign layer&#39; of our infrastructure, ensuring that our Data Intelligence Platform operates with 100% reliability and security in highly regulated, air-gapped, and sovereign environments.</p>\n<p>Key Responsibilities:</p>\n<ul>\n<li>Design, automate, and operate the IAM, account/subscription, and project lifecycle across AWS, Azure, and GCP, enforcing least-privilege and standardized access patterns at scale.</li>\n</ul>\n<ul>\n<li>Review, implement, and continuously improve cloud identity and access policies (IAM, Okta, Opal) to align with Databricks security standards and audit requirements.</li>\n</ul>\n<ul>\n<li>Build and maintain reliable, observable automation and tooling to apply cloud changes (roles, policies, accounts, networking) safely and repeatedly.</li>\n</ul>\n<ul>\n<li>Treat operational and security issues as software problems: eliminate toil, drive root-cause analysis, and codify fixes into infrastructure and tooling.</li>\n</ul>\n<ul>\n<li>Own and improve security and audit logging data pipelines from cloud providers into our internal systems, ensuring timely, accurate data for detection, investigations, and audits.</li>\n</ul>\n<ul>\n<li>Partner with Security, Compliance, and Audit teams to provide evidence, clarifications, and policy updates that keep our environments aligned with evolving standards.</li>\n</ul>\n<ul>\n<li>Operate and improve specialized, highly regulated environments (e.g., FedRAMP / GovCloud) including release management, patching cadences, and supporting secure access workflows (e.g., SAW).</li>\n</ul>\n<ul>\n<li>Ensure high availability and resiliency for critical security and access infrastructure across these environments.</li>\n</ul>\n<ul>\n<li>Participate in a 24x7 on-call rotation for high-severity incidents impacting cloud accounts, IAM, or security data pipelines.</li>\n</ul>\n<ul>\n<li>Act as a key partner to product engineering, security engineering, and field teams during incidents to restore service and harden systems for the future.</li>\n</ul>\n<p>Requirements:</p>\n<ul>\n<li>Candidates must be eligible for a Top Secret / Sensitive Compartmented Information (TS/SCI) security clearance.</li>\n</ul>\n<ul>\n<li>Possession of a current polygraph (Counterintelligence or Full Scope) is highly desired and considered a significant plus.</li>\n</ul>\n<ul>\n<li>Education- BS, MS, or PhD in Computer Science, Engineering, or a related technical field, or equivalent practical experience.</li>\n</ul>\n<ul>\n<li>Experience: 12+ years of experience, including leading the strategy for cloud IAM, account architecture, or security-critical infrastructure across multiple environments or business units.</li>\n</ul>\n<ul>\n<li>Cloud &amp; Infrastructure Expertise</li>\n</ul>\n<ul>\n<li>Deep hands-on experience with at least one major cloud provider (AWS, Azure, or GCP) in areas such as IAM, networking, accounts/subscriptions/projects, and audit logging.</li>\n</ul>\n<ul>\n<li>Strong background in Infrastructure-as-Code and automation (e.g., Terraform, CloudFormation, or similar) and CI/CD for infrastructure changes.</li>\n</ul>\n<ul>\n<li>Security &amp; Compliance Mindset</li>\n</ul>\n<ul>\n<li>Proven experience working in or with security-sensitive or regulated environments (e.g., SOC2, FedRAMP, ISO 27001, financial services, public sector) and translating requirements into concrete technical controls.</li>\n</ul>\n<ul>\n<li>Familiarity with access review processes, policy baselines, and audit evidence for cloud environments.</li>\n</ul>\n<ul>\n<li>Operational Excellence</li>\n</ul>\n<ul>\n<li>Demonstrated success running high-availability, security-critical services, including on-call responsibilities and incident management.</li>\n</ul>\n<ul>\n<li>Strong debugging and problem-solving skills across distributed systems, with the ability to navigate ambiguous issues spanning multiple teams and platforms.</li>\n</ul>\n<p>Preferred Qualifications:</p>\n<ul>\n<li>Experience with Okta, Opal, or similar identity/access tooling.</li>\n</ul>\n<ul>\n<li>Background operating secure admin workstations (SAW) or comparable hardened access patterns.</li>\n</ul>\n<ul>\n<li>Experience migrating cloud accounts or subscriptions during M&amp;A or large-scale reorganizations.</li>\n</ul>\n<p style=\"margin-top:24px;font-size:13px;color:#666;\">XML job scraping automation by <a href=\"https://yubhub.co\">YubHub</a></p>","url":"https://yubhub.co/jobs/job_791144c2-47c","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Databricks","sameAs":"https://databricks.com","logo":"https://logos.yubhub.co/databricks.com.png"},"x-apply-url":"https://job-boards.greenhouse.io/databricks/jobs/8519396002","x-work-arrangement":"onsite","x-experience-level":"staff","x-job-type":"full-time","x-salary-range":"$195,400-$268,600 USD","x-skills-required":["Cloud IAM","Cloud infrastructure","Infrastructure-as-Code","Automation","CI/CD","Security and compliance","Access review processes","Policy baselines","Audit evidence","High-availability services","Security-critical services","On-call responsibilities","Incident management","Debugging and problem-solving skills","Distributed systems"],"x-skills-preferred":["Okta","Opal","Identity/access tooling","Secure admin workstations","Hardened access patterns","Cloud account migration","Subscription migration"],"datePosted":"2026-04-24T12:07:22.585Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Virginia"}},"employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"Cloud IAM, Cloud infrastructure, Infrastructure-as-Code, Automation, CI/CD, Security and compliance, Access review processes, Policy baselines, Audit evidence, High-availability services, Security-critical services, On-call responsibilities, Incident management, Debugging and problem-solving skills, Distributed systems, Okta, Opal, Identity/access tooling, Secure admin workstations, Hardened access patterns, Cloud account migration, Subscription migration","baseSalary":{"@type":"MonetaryAmount","currency":"USD","value":{"@type":"QuantitativeValue","minValue":195400,"maxValue":268600,"unitText":"YEAR"}}}]}