Sr. Product Security Incident Response Engineer

We’re at the forefront of the data revolution, committed to building the world’s greatest data and applications platform. Our ‘get it done’ culture allows everyone at Snowflake to have an equal opportunity to innovate on new ideas, create work with a lasting impact, and excel in a culture of collaboration.

 

WHAT YOU WILL DO :

In this position, you will lead and architect the buildout of our product integrated Incident Response strategy. You’ll be expected to design, plan, and assist with the implementation of incident response requirements for the core Snowflake product, features, and backend architecture.  As the liaison between Product Security and Global Security Incident Response, you will:

• Integrate IR into our strategic and developer-driven project pipelines.
• Develop  and codify our product abuse response strategy.
• Enumerate  tech debt across the product and ensure IR needs are met by the new solutions. Represent the  Incident Response team to cloud engineering, corporate security, and other stakeholder business units.
• Assist with securing modern codebases and technologies running in a multi-cloud environment with cloud native applications.
• Join world class engineering and security teams, providing expert requirements and leadership on secure architecture, design, and implementation for high-risk projects and impactful features.
• Design and manage response and remediation capabilities built into the customer-facing and operational components of the Snowflake architecture.
• Lead with data, code, and automations in everything you do to support rapid response capabilities.
• Create substantial security impact across Snowflake, with strong support from the business.

WHAT YOU NEED :

• Experience leading and/or actively supporting an application or security systems engineering program before, and have a clear vision for how you would improve one
• Extensive experience with threat modeling, secure architecture, and security testing tools/techniques.
• A proven ability to grow and manage a small team to produce results.
• Empathy for the developer experience; we don't tell them what they shouldn’t do, we tell them how to do it securely, and with as much uptime as possible.
• Strong communication skills  with the ability to establish  and foster effective, productive business relationships

CORE QUALIFICATIONS :

• 9+ years of experience on an Information Security team aligning mostly with incident response, security engineering, or product/application security units
• In-depth understanding of Linux/UNIX systems 
• Understanding of Cloud environments, SaaS technologies, and the threat landscape of major Cloud Service Providers (AWS, Azure and Google Cloud) is highly preferred 
• Experience acquiring, processing, and/or analyzing large data sets to detect & investigate abnormal or suspicious activity
• Understanding of current attacker tactics, techniques, and procedures (TTPs)
• Capable of working with cross functional teams across security to help scale blue team operations
• Demonstrated experience of Information Security technologies and processes
• Capable of consistently engaging teams with clear and concise communication
• Capable of performing reliably consistent work with high quality and throughput
• Preferred certifications - GCIA, GCIH, GCSA, GDAT, GISP/CISSP, AWS (any path), and any other cloud service specific content
• Decent working knowledge of SQL and at least one programming language (Python, Golang, Javascript, etc..) is preferred, but not required

In accordance with applicable law, the following represents a reasonable estimate of the range of possible compensation for this role if hired in Colorado:

• The estimated pay range for this role, if based in Colorado, is $140,600 - $187,000.
• Additionally, this role is eligible to participate in Snowflake’s bonus and equity plan

Please note that this information is provided for those hired in Colorado only, and this role is open to candidates outside of Colorado with compensation that aligns with your location.  The successful candidate’s starting salary will be determined based on permissible, non-discriminatory factors such as skills, experience, and geographic location. This role is also eligible for a competitive benefits package that includes: medical, dental, vision, life, and disability insurance; 401(k) retirement plan; flexible spending & health savings account; paid holidays; paid time off; employee assistance program; and other company benefits.

Snowflake is growing fast, and we’re scaling our team to help enable and accelerate our growth. We are looking for people who share our values, challenge ordinary thinking, and push the pace of innovation while building a future for themselves and Snowflake. 

How do you want to make your impact?