Senior Incident Response Engineer

Overview

Snowflake empowers enterprises and individuals to achieve their full potential through impact, innovation, and collaboration. This role is designed for a high impact professional who will work West Coast hours (minimum 8am-5pm PST) and play a pivotal role in incident response.

Responsibilities

• Join a high impact team of security experts at Snowflake.
• Act as incident commander, lead analyst, or investigator for security incidents and insider threat investigations.
• Respond to incidents across various cloud service providers and maintain detailed playbooks.
• Develop scripts, tools, and methodologies to enhance incident response processes.
• Collaborate closely with Threat Detection, Automation, ProductSecurity, Legal, HR, Cloud and Data teams.
• Create and update threat detections and signatures.
• Participate in on-call rotations, sometimes beyond standard hours.
• Mentor junior incident response engineers.

Qualifications

• Strong verbal and written communication skills.
• Proven experience in incident response, security investigations, and incident command roles.
• Proficiency with investigative tools such as EDR, DLP, SIEM, and SOAR.
• Automation expertise in Python and comfort with SQL.
• Deep understanding of cloud security across multiple providers.
• Experience translating strategic goals into actionable objectives.
• Strong background in network and web protocols, Linux/Unix architecture, and forensics on various OS platforms.

Additional Information

Snowflake employees must adhere to confidentiality and security standards, keeping customer information secure. Compensation for this role includes a base salary estimated between $211,000 and $303,600 along with bonus eligibility and equity participation, as well as a competitive benefits package.

Key skills/competency

• Incident Response
• Security Investigation
• Incident Command
• Cloud Security
• Automation
• Python
• SQL
• Forensics
• SIEM
• Collaboration