Where Data Does More. Join the Snowflake team.
Snowflake started with a clear vision: develop a cloud data platform that is effective, affordable, and accessible to all data users. Snowflake developed an innovative new product with a built-for-the-cloud architecture that combines the power of data warehousing, the flexibility of big data platforms, and the elasticity of the cloud at a fraction of the cost of traditional solutions. We are now a global, world-class organization with offices in more than a dozen countries and serving many more.
AS A SECURITY TRIAGE ANALYST II AT SNOWFLAKE, YOU WILL:
Serve as the front line of our global Incident Response Team.
Triage security alerts for insider threats, product security incidents, and traditional security events.
Determine the scope and impact of incidents from various alerting systems that monitor corporate IT and production environments, while staying within SLAs.
Escalate validated threats or take remediation actions.
Contribute to and follow incident response playbooks and runbooks.
Provide incident support during major security incidents.
Hone your technical and analytical skills while gaining invaluable experience working with a global team and learning from industry experts.
OUR IDEAL SECURITY TRIAGE ANALYST II WILL HAVE:
Experience: 2+ years on a Global Security Operations, Incident Response Team, or in a similar role.
Education: A Bachelor's or Master's degree in Information Security or an equivalent discipline.
Location: Pacific Time Zone
Analysis Skills:
Experience analyzing phishing reports, including email headers, URLs, and dynamic & static file analysis.
Ability to analyze host logs (Windows, Linux, macOS) and identify abnormal patterns, such as processes running from non-standard folders, attempts to bypass security controls, and unusual network connections/requests.
Cloud & Networking Knowledge:
Experience with one or more of the top three cloud providers (AWS, Azure, GCP).
Experience with console audit log investigations (e.g., CloudTrail).
Strong understanding of networking fundamentals (TCP/IP, HTTP, DNS, Subnetting, VLAN, NAT) and basic network and system forensic principles.
Linux & Command Line:
Experience with the Linux CLI, including the ability to navigate the OS, execute basic commands, and interact with logs and directories.
Knowledge of important files and directories (e.g., /etc/shadow, /var/log/) and an understanding of user and file permissions.
Programming & Databases:
The ability to read, write, and modify SQL queries.
Proven understanding of the fundamentals of object-oriented programming.
Containerization:
Tools: Experience using security tools and platforms such as Snowflake, CrowdStrike, GitHub, GitLab, Sublime, Google Workspace Admin logs, Obsidian Security, Code42, Tines, and GitGuardian.
Soft Skills:
A team-first, no-ego mindset.
Excellent written and verbal communication skills.
Self-starter with a mindset of ownership and curiosity.
ADDITIONAL ROLE DETAILS:
On-Call Rotation: This role requires an on-call rotation of approximately once per quarter.
Snowflake is growing fast, and we’re scaling our team to help enable and accelerate our growth. We are looking for people who share our values, challenge ordinary thinking, and push the pace of innovation while building a future for themselves and Snowflake.
How do you want to make your impact?
For jobs located in the United States, please visit the job posting on the Snowflake Careers Site for salary and benefits information: careers.snowflake.com