Principal Cloud Security Engineer

Build the future of data. Join the Snowflake team.

We’re at the forefront of the data revolution, committed to building the world’s greatest data and applications platform. Our ‘get it done’ culture allows everyone at Snowflake to have an equal opportunity to innovate on new ideas, create work with a lasting impact, and excel in a culture of collaboration.

As a member of the Cloud Security Assurance team, you’ll be responsible for maintaining (and raising) the security bar across our production cloud environments. We are looking for motivated, passionate experts in cloud security architecture and operations who can help us maintain highly defensible cloud infrastructure, and follow engineering best practices to reduce toil for our team and our internal customers.

Our ideal candidate wakes up each morning thinking about ways to scale security. Their goal is to lower risk while letting the business move quickly and safely. They believe Security should be an inherent property of the tools and processes engineers use every day. They want to Automate Everything, and they relish an opportunity to apply tooling, automation, and self-service to security workflows to increase team scale and reliability.

RESPONSIBILITIES:

Discover, remediate and validate security issues across cloud infrastructure per industry standard information security policies

Build, deploy, and manage production security tools and services to monitor networks, endpoints, and cloud workloads

Design and operate scalable processes to provision cloud access and maintain least-privilege

Maintain a reliable, easy to use and low-touch infrastructure using technologies such as Terraform, Kubernetes, and immutable images

Partner closely with security leadership, compliance and engineering to execute on security strategies for Snowflake infrastructure

Assess and propose solutions regarding cloud security to Snowflake leadership

Perform architectural and design reviews through the security lens and provide timely, actionable requirements and recommendations

MINIMUM QUALIFICATIONS:

7+ years experience deploying services on public cloud infrastructure

Detailed understanding of cloud and network security

Fluency in one or more programming or scripting languages

Experience deploying and customizing security tools to address threats and lower risk: vulnerability scanners, static analyzers, web application firewalls, IDS/IPS, endpoint security monitoring, etc.

Knowledge of networking and web protocols (TCP/IP, HTTP, TLS, REST), and the ability to analyze traffic to find anomalies

Understanding of modern cloud technology components and deployment patterns: virtual machines, containers, Kubernetes, serverless, infrastructure as code, etc.

Demonstrated ability to collaborate with other teams to achieve complex objectives

PREFERRED QUALIFICATIONS:

10+ years experience working in an information security discipline

Experience deploying services in a multi-cloud environment, with particular value on Azure and GCP expertise

Ability to write SQL queries and build dashboards, metrics, and reports to drive security outcomes

Experience using CI/CD pipelines to perform automated security testing and change management

Have read and are capable of implementing ideas from “Site Reliability Engineering” and “Building Secure & Reliable Systems”

Contributions to the security community, such as open source tools, research papers, conference talks, etc.