Senior Global Security Compliance Analyst
We’re at the forefront of the data revolution, committed to building the world’s greatest data and applications platform. Our ‘get it done’ culture allows everyone at Snowflake to have an equal opportunity to innovate on new ideas, create work with a lasting impact, and excel in a culture of collaboration.
Snowflake is seeking a Senior Security Compliance Analyst to join our Global Security Compliance & Risk team and help drive compliance across Product Engineering and Corporate Engineering.
The Sr. Security Compliance Analyst will be a critical and high-impact individual contributor who would perform compliance risk assessments, guide control owners to follow security and compliance best practices along with monitoring effectiveness of the controls. This role will report to the Security Compliance Manager within the Security and IT organizations.
- Conduct Compliance Risk Assessments / Compliance Impact Assessments ( CIA) of cloud based applications against all control domains (NIST or similar)
- Analyze project documentation like architecture diagrams and conduct interviews to perform risk and gap assessment
- Determine impact of new projects/changes on security & compliance posture of the organization.
- Provide compliance and control requirements to new projects.
- Provide compliant implementation standards/ best practices to achieve control requirements
- Integrate compliance and security into solution designs.
- Assess risks of security gaps, and develop remediation plans. Perform follow up activities related to drive remediation efforts.
- Support design and implementation of automated tools for compliance . Design self service oriented solutions for scaling compliance operations and derive repeatable audit artifacts.
- Provide Audit Support as required.Engage with Engineering teams for readiness assessments, testing, control review for annual and on-going compliance audits (like SOX, ISO, SOC). Provide compliance consultation to design effective and complaint processes.
- Identify risks, process improvements and design automated monitoring solutions for control areas like Change Management,Release Management, SDLC, Configuration Management, Logging, Software Supply Chain. Drive implementation of effective controls.
- Assist with development of compliance documentation, policies and processes in support of requirements and ensure that controls are operating effectively.
- Develop a close partnership with engineering to educate and inform them around priority and importance of compliance requirements. Ability to identify risk-appropriate control implementation solutions while considering engineering and business priorities with compliance needs.
- Work cross-functionally to drive security control implementation for the organization.
- 7+ years of related work experience in Information Security Governance, Risk and Compliance (GRC) or relevant Compliance roles in the tech industry. Big 4 consulting experience is a plus.
- Minimum 3 years prior experience auditing cloud environments (AWS, Azure, and GCP), performing compliance assessments , conducting risk assessments and / or driving audits like SOX,ISO, SOC, PCI DSS
- Ability to multitask and manage simultaneous projects
- Ability to organize, conduct and drive meetings and outcomes independently. Must be aware of and deliver quality stakeholder engagement experience in a fast-paced, innovative environment
- Strong analytical, communication (verbal and written), and project management skills
- Ability to learn, understand, and work with new emerging technologies, methodologies, and solutions in the Cloud/IT technology space.
- Certification preferred in one or more of the following: CISA, CISSP, CISM, Cloud platforms such as AWS, Azure or GCP
- Warsaw, ability to support, attend meetings with US / Pune based team as required
Snowflake is growing fast, and we’re scaling our team to help enable and accelerate our growth. We are looking for people who share our values, challenge ordinary thinking, and push the pace of innovation while building a future for themselves and Snowflake.
How do you want to make your impact?
Perks/benefits: Team events
Other jobs like this
Explore more Cybersecurity career opportunities
Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cyber Security in general, filtered by job title or popular skill, toolset and products used.
- Open Infrastructure Security Engineer jobs
- Open Head of Information Security jobs
- Open Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Information System Security Officer (ISSO) jobs
- Open Security Consultant jobs
- Open Senior Information Security Analyst jobs
- Open Senior Penetration Tester jobs
- Open SOC Analyst jobs
- Open Lead Security Engineer jobs
- Open Senior Infrastructure Security Engineer jobs
- Open Sr. Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior SOC Analyst jobs
- Open Cyber Security Specialist jobs
- Open Senior Air Defense/BMD Subject Matter Expert jobs
- Open Senior Security Analyst jobs
- Open Staff Application Security Engineer jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Application Security Engineer/Architect jobs
- Open Staff Product Security Engineer jobs
- Open Senior Information Security Engineer jobs
- Open Offensive Security Engineer jobs
- Open Security Researcher jobs
- Open Network security-related jobs
- Open Clearance-related jobs
- Open Pentesting-related jobs
- Open GCP-related jobs
- Open SaaS-related jobs
- Open Malware-related jobs
- Open Analytics-related jobs
- Open Java-related jobs
- Open Threat intelligence-related jobs
- Open Vulnerability management-related jobs
- Open ISO 27001-related jobs
- Open Kubernetes-related jobs
- Open Forensics-related jobs
- Open DevOps-related jobs
- Open APIs-related jobs
- Open CISA-related jobs
- Open CISM-related jobs
- Open CI/CD-related jobs
- Open SQL-related jobs
- Open IDS-related jobs
- Open DevSecOps-related jobs
- Open Security assessment-related jobs
- Open Splunk-related jobs
- Open Finance-related jobs
- Open PowerShell-related jobs