Snowflake is about empowering enterprises to achieve their full potential — and people too. With a culture that’s all in on impact, innovation, and collaboration, Snowflake is the sweet spot for building big, moving fast, and taking technology — and careers — to the next level.
This person will be required to work West Coast hours, at a minimal 8am-5pm PST.
AS AN INCIDENT RESPONSE ENGINEER AT SNOWFLAKE YOU WILL:Join a high impact team of security experts to scale security at one of the fastest-growing software companies ever
Work west coast hours, at a minimal 8am - 5pm PT
Assume the role of incident commander, lead analyst, or investigator for incidents or insider threat investigations
Respond to security incidents across various cloud service providers (CSP)
Maintain playbooks and develop comprehensive and well-structured incident reports
Build scripts, tools, and methodologies to enhance Snowflake incident response
Partner closely with our Threat Detection, Automation, ProductSecurity, Legal, HR, Cloud and Data teams
Create and improve detections and threat signatures
Participate in on-call rotation periodically which may involve non-traditional working hours
Mentoring junior incident response engineers
Communicate well verbally and in writing
Has a strong growth mindset and team first attitude
Strong experience in IR, security/insider threat investigations, and running incidents as the incident commander
Experience using investigative tools such as EDR, DLP, SIEM, and SOAR
Automation experience in Python and be comfortable with SQL
Excellent understanding of cloud security across all cloud service providers
Ability to convert long term strategy into short and long-term objectives
Experience leading security projects in a fast moving environment while maintaining collaboration with key stakeholders
Knowledge of network and web protocols, and an in-depth knowledge of Linux/Unix tools and architecture
Experience conducting forensics investigations on Mac, Unix or Windows hosts
Every Snowflake employee is expected to follow the company’s confidentiality and security standards for handling sensitive data. Snowflake employees must abide by the company’s data security plan as an essential part of their duties. It is every employee's duty to keep customer information secure and confidential.
The application window is expected to be open until November 28, 2025. This opportunity will remain posted based on business needs, which may be before or after the specified date.
Snowflake is growing fast, and we’re scaling our team to help enable and accelerate our growth. We are looking for people who share our values, challenge ordinary thinking, and push the pace of innovation while building a future for themselves and Snowflake.
How do you want to make your impact?
For jobs located in the United States, please visit the job posting on the Snowflake Careers Site for salary and benefits information: careers.snowflake.com
Top Skills
What We Do
Snowflake powers the end-to-end data lifecycle – from ingesting and processing data to analyzing and modeling it, to building and sharing data and AI applications – helping engineers, analysts, and leaders innovate faster and achieve more with their data.
We're on a mission to empower every enterprise to achieve its full potential through data and AI.
Why Work With Us
Snowflake is where data does more, and so do you. More innovating, more growing, and more collaborating. Here, you’ll find the sweet spot between building big and moving fast, in technology and your career.
Gallery
_0.png)
