Lead Security Engineer - Incident Response
There is only one Data Cloud. Snowflake’s founders started from scratch and designed a data platform built for the cloud that is effective, affordable, and accessible to all data users. But it didn’t stop there. They engineered Snowflake to power the Data Cloud, where thousands of organizations unlock the value of their data with near-unlimited scale, concurrency, and performance. This is our vision: a world with endless insights to tackle the challenges and opportunities of today and reveal the possibilities of tomorrow.
Considering the current scenario, the hiring and onboarding process will be virtual.
Overall Security Experience Required - 10+ years
What you will do:
- Build a best-in-class incident response program
- Constantly improve our incident response capabilities
- Create and maintain documentation for the whole incident response lifecycle
- Coordinate and manage resolution of a wide range of cyber security incidents
- Communicate with senior leadership about complex security issues and their impact
- Lead a culture of excellence while mentoring junior engineers
- Review and analyze cyber threats and provide SME support and training to junior level security analysts
- Interact and assist other investigative teams on time sensitive, critical investigations
- Act as a liaison between engineering, product, enterprise, and IT project teams to ensure effective project implementation that meets incident response requirements
- Work with colleagues in other technology departments as well as the business and product teams to establish effective, productive business relationships
What you will need to succeed:
- Excellent analytical and investigative skills
- Comfortable analyzing a variety of malicious artifacts as well as endpoints, network and application logs
- Extensive experience in incident response and response automation
- Experience in handling digital evidence
- Ability to write and deploy your own tools and automation (preferably Python)
- Knowledge of network and web protocols, and an in-depth knowledge of Linux/Unix tools and architecture
Why you should work with us:
- Join a high-impact team of security experts to scale security at one of the fastest-growing software companies ever.
- We are laser focused on doing security better, and we do not tolerate the status quo.
- We have strong demand from our customers, and support from the business for security.
- We are a great team that combines a diverse set of backgrounds and skills.
- 10+ years of hands-on experience in an incident response, threat detection, threat hunting or intrusion role
- Experience analysing large data sets to detect & investigate malicious activity across the ecosystem
- Good working knowledge of SQL and at least one programming language (Python is preferred)
- In-depth understanding of Cloud and SaaS technologies, and knowing your way around threats in multiple Cloud Platforms (AWS, Azure and Google Cloud)
- Understanding of attacker methods and technologies
- Capable of working with cross functional teams across security to help scale Blue team activities
- Demonstrated experience of Information Security processes and technologies
- Capable of consistently engaging the team with clear and concise communication
- Capable of performing reliably consistent work with high quality and throughput
- Preferred certifications - GCIA, GCIH, GCTI, CISSP
Snowflake is growing fast, and we’re scaling our team to help enable and accelerate our growth. We are looking for people who share our values, challenge ordinary thinking, and push the pace of innovation while building a future for themselves and Snowflake.
How do you want to make your impact?