Security Engineer, Anti-Abuse, Streamlit Community Cloud

Bellevue, WA, USA

We’re at the forefront of the data revolution, committed to building the world’s greatest data and applications platform. Our ‘get it done’ culture allows everyone at Snowflake to have an equal opportunity to innovate on new ideas, create work with a lasting impact, and excel in a culture of collaboration.

We are looking for motivated, passionate experts in security engineering, fraud and anti-abuse to focus on protecting Streamlit Community Cloud. Streamlit is an open-source Python library that makes it easy to create and share beautiful, custom web apps for machine learning and data science. As a member of the Security and Anti-Abuse team, you’ll be responsible for building tools and strategies to defend Streamlit Community Cloud and Snowflake from bad actors and abuse. 

In this role, you will work with cross-functional partners from many teams including the Streamlit team, threat detection, incident response, and product security to analyze abuse vectors and define roadmaps and strategies. You will be responsible for anticipating and protecting against abuse threats, building necessary tools, and defining abuse detection and response playbooks.

RESPONSIBILITIES :

  • Understand and identify gaps in our anti-abuse strategy and work with stakeholders to develop an anti-abuse roadmap for Streamlit Community Cloud.
  • Evaluate the capabilities of existing security tools to detect abuse (e.g., cryptomining on the platform) and make recommendations when to buy and when to build in-house.
  • Work with stakeholders to develop, integrate and deploy abuse detection, prevention, and response capabilities.
  • Consult with development teams to provide guidance on new features and anti-abuse recommendations.
  • Operate and continuously improve existing abuse capabilities.

MINIMUM QUALIFICATIONS :

  • Bachelor's degree in Computer Science or related technical field or equivalent practical experience.
  • Fluency in one or more programming or scripting languages: Java, Python, C++, Go, JavaScript.
  • Knowledge of security engineering, computer and network security, security protocols, and applied cryptography.
  • Expert understanding of software security architecture and design, threat modeling, code review, SDLC best practices, and mitigations for common application security issues
  • Experience deploying and customizing security tools like vulnerability scanners, static analyzers, web application firewalls, endpoint security monitors to detect abuse, security threats and other risks like cryptomining, fraud detection, obfuscation/evasion techniques, etc.

PREFERRED QUALIFICATIONS :

  • Experience designing, testing, and maintaining anti-abuse solutions and/or abuse detection and response playbooks
  • Prior experience working in a high growth, cloud native technology company
  • Understanding of modern cloud technology components and deployment patterns: virtual machines, containers, Kubernetes, serverless, infrastructure as code, etc.
  • Ability to write SQL queries and build dashboards, metrics, and reports to drive security outcomes
  • Experience using CI/CD pipelines to perform automated security testing

Snowflake is growing fast, and we’re scaling our team to help enable and accelerate our growth. We are looking for people who share our values, challenge ordinary thinking, and push the pace of innovation while building a future for themselves and Snowflake. 

How do you want to make your impact?

* Salary range is an estimate based on our salary survey 💰

Tags: Application security C CI/CD Cloud Computer Science Cryptography Endpoint security Firewalls Incident response Java JavaScript Kubernetes Machine Learning Network security Product security Python Scripting SDLC SQL Strategy Threat detection

Perks/benefits: Career development Startup environment

Region: North America
Country: United States
Job stats:  6  1  0

More jobs like this

Explore more InfoSec/Cybersecurity career opportunities

Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cyber Security in general, filtered by job title or popular skill, toolset and products used.