Sr. Security Engineer - Threat Detection

Remote, USA

Snowflake Inc.

Build the future of data. Join the Snowflake team.

There is only one Data Cloud. Snowflake’s founders started from scratch and designed a data platform built for the cloud that is effective, affordable, and accessible to all data users. But it didn’t stop there. They engineered Snowflake to power the Data Cloud, where thousands of organizations unlock the value of their data with near-unlimited scale, concurrency, and performance. This is our vision: a world with endless insights to tackle the challenges and opportunities of today and reveal the possibilities of tomorrow.

WHAT YOU NEED:

  • Proven experience in writing detections, hunting, and collaborating with incident responders.
  • Strong experience in collaborating with product security and other engineering teams to design, build, and maintain effective detections.
  • A deep understanding of cloud environments, Linux systems, and complex application stacks to support threat detection initiatives.
  • Ability to work with engineering teams and understand design specs, architecture documents, and code in order to deliver comprehensive and understandable threat detection requirements.
  • A risk-based approach to security, backed by knowledge of the current security landscape and domain expertise in several areas.

WHAT YOU WILL DO:

  • Develop and deploy detections using engineering best practices, such as testing/validation, CI/CD pipelines, detections as code, and detection development lifecycle.
  • Spend equal or more time designing and architecting detections, in addition to building them.
  • Actively collaborate with our product security team to mature our threat detection program, analyze gaps, and mitigate risks via detective controls.
  • Build and maintain strong partnerships with stakeholders to provide detection as a service and influence engineering organizations to deliver threat detection ready architectures and features.
  • Provide thought leadership and best practices to alert on malicious activity.

MINIMUM QUALIFICATIONS:

  • Experience writing detections following detection as code principles.
  • Experience with securing complex applications.
  • An understanding of how detections fit into the overall risk management strategy of a product.
  • Experience with one of the major cloud providers (AWS, Azure, GCP).

PREFERRED QUALIFICATIONS:

  • Experience in SQL and a development/scripting language (Go, Python, etc.).
  • Worked with complex production systems either as a software engineer or application security engineer.
  • You’ve published or presented at conferences showcasing your thought leadership in the security space.

WHY YOU SHOULD WORK WITH US:

  • We have more logs than you can point a stick at and the most powerful system in the world to analyze them with. If you enjoy having all the data at your fingertips to engineer elegant solutions, you’ll enjoy working here.
  • The detections we write are unique and specific to us, requiring thoughtfulness and ingenuity.
  • We’re hyper-focused on ensuring our Incident Responders aren’t overwhelmed with noise. Our team is obsessed with delivering quality code.
  • We have strong demand from our customers, and support from the business for security.
  • We are a great team that has a diverse set of backgrounds and skills.
  • Did we mention we are one of the fastest-growing software companies, ever? The opportunity for impact is enormous.

Tags: Application security AWS Azure CI/CD Cloud GCP Linux Product security Python Risk management Scripting Snowflake SQL Strategy Threat detection

Perks/benefits: Conferences

Regions: Remote/Anywhere North America
Country: United States