Sr. Product Security Incident Response Engineer

Remote, USA

Snowflake Inc.

Build the future of data. Join the Snowflake team.

WHAT YOU WILL DO:

In this position, you will lead and architect the buildout of our product-integrated Incident Response strategy. You’ll be expected to design, plan, and assist with the implementation of incident response requirements for the core Snowflake product, features, and backend architecture. As the liaison between Product Security and Global Security Incident Response, you will:

  • Integrate IR into our strategic and developer-driven project pipelines.
  • Develop and codify our product abuse response strategy.
  • Enumerate tech debt across the product and ensure IR needs are met by the new solutions.
  • Represent the Incident Response team to cloud engineering, corporate security, and other stakeholder business units.
  • Assist with securing modern codebases and technologies running in a multi-cloud environment with cloud native applications.
  • Join world class engineering and security teams, providing expert requirements and leadership on secure architecture, design, and implementation for high-risk projects and impactful features.
  • Design and manage response and remediation capabilities built into the customer-facing and operational components of the Snowflake architecture.
  • Lead with data, code, and automations in everything you do to support rapid response capabilities.
  • Create substantial security impact across Snowflake, with strong support from the business.

WHAT YOU NEED:

  • Experience leading and/or actively supporting an application or security systems engineering program, and a clear vision for how you would improve one.
  • Extensive experience with threat modeling, secure architecture, and security testing tools/techniques.
  • A proven ability to grow and manage a small team to produce results.
  • Empathy for the developer experience; we don't tell them what they shouldn’t do, we tell them how to do it securely, and with as much uptime as possible.
  • Strong communication skills with the ability to establish and foster effective, productive business relationships.

CORE QUALIFICATIONS:

  • 9+ years of experience on an Information Security team aligning mostly with incident response, security engineering, or product/application security units
  • Understanding of Cloud environments, SaaS technologies, and the threat landscape of major Cloud Service Providers (AWS, Azure and Google Cloud) is highly preferred 
  • Experience and knowledge of typical software development and release lifecycle patterns and anti-patterns
  • Experience with and awareness of CI/CD principles and industry best practices, with an emphasis on Incident Response
  • Familiarity with modern software design implementations including but not limited to containerized microservices, workload sandboxing, API designs, and secret management
  • Experience acquiring, processing, and/or analyzing large data sets to detect & investigate abnormal or suspicious activity
  • In-depth understanding of Linux/UNIX systems 
  • Understanding of current attacker tactics, techniques, and procedures (TTPs)
  • Capable of working with cross-functional teams across security to help scale blue team operations
  • Demonstrated experience with Information Security technologies and processes
  • Capable of consistently engaging teams with clear and concise communication
  • Capable of performing reliably consistent work with high quality and throughput
  • Preferred certifications - GCIA, GCIH, GCSA, GDAT, GISP/CISSP, AWS (any path), and any other cloud service specific content
  • Decent working knowledge of SQL and at least one programming language (Python, Golang, JavaScript, etc.) is preferred, but not required

Tags: APIs Application security AWS Azure Blue team CISSP Cloud GCIA GCIH GCP Golang Incident response JavaScript Linux Product security Python SaaS Snowflake SQL Strategy TTPs UNIX

Perks/benefits: Career development

Regions: Remote/Anywhere North America
Country: United States