Snowflake is about empowering enterprises to achieve their full potential — and people too. With a culture that’s all in on impact, innovation, and collaboration, Snowflake is the sweet spot for building big, moving fast, and taking technology — and careers — to the next level.
This person will be required to work West Coast hours, at a minimal 8am-5pm PST.
AS AN INCIDENT RESPONSE ENGINEER AT SNOWFLAKE YOU WILL:Join a high impact team of security experts to scale security at one of the fastest-growing software companies ever
Work west coast hours, at a minimal 8am - 5pm PT
Assume the role of incident commander, lead analyst, or investigator for incidents or insider threat investigations
Respond to security incidents across various cloud service providers (CSP)
Maintain playbooks and develop comprehensive and well-structured incident reports
Build scripts, tools, and methodologies to enhance Snowflake incident response
Partner closely with our Threat Detection, Automation, ProductSecurity, Legal, HR, Cloud and Data teams
Create and improve detections and threat signatures
Participate in on-call rotation periodically which may involve non-traditional working hours
Mentoring junior incident response engineers
Communicate well verbally and in writing
Has a strong growth mindset and team first attitude
Strong experience in IR, security/insider threat investigations, and running incidents as the incident commander
Experience using investigative tools such as EDR, DLP, SIEM, and SOAR
Automation experience in Python and be comfortable with SQL
Excellent understanding of cloud security across all cloud service providers
Ability to convert long term strategy into short and long-term objectives
Experience leading security projects in a fast moving environment while maintaining collaboration with key stakeholders
Knowledge of network and web protocols, and an in-depth knowledge of Linux/Unix tools and architecture
Experience conducting forensics investigations on Mac, Unix or Windows hosts
Every Snowflake employee is expected to follow the company’s confidentiality and security standards for handling sensitive data. Snowflake employees must abide by the company’s data security plan as an essential part of their duties. It is every employee's duty to keep customer information secure and confidential.
The application window is expected to be open until November 28, 2025. This opportunity will remain posted based on business needs, which may be before or after the specified date.
Snowflake is growing fast, and we’re scaling our team to help enable and accelerate our growth. We are looking for people who share our values, challenge ordinary thinking, and push the pace of innovation while building a future for themselves and Snowflake.
How do you want to make your impact?
For jobs located in the United States, please visit the job posting on the Snowflake Careers Site for salary and benefits information: careers.snowflake.com
Top Skills
Snowflake Denver, Colorado, USA Office
1700 Broadway, 14th Floor, Denver, CO, United States, 80290
Similar Jobs
What you need to know about the Colorado Tech Scene
Key Facts About Colorado Tech
- Number of Tech Workers: 260,000; 8.5% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Lockheed Martin, Century Link, Comcast, BAE Systems, Level 3
- Key Industries: Software, artificial intelligence, aerospace, e-commerce, fintech, healthtech
- Funding Landscape: $4.9 billion in VC funding in 2024 (Pitchbook)
- Notable Investors: Access Venture Partners, Ridgeline Ventures, Techstars, Blackhorn Ventures
- Research Centers and Universities: Colorado School of Mines, University of Colorado Boulder, University of Denver, Colorado State University, Mesa Laboratory, Space Science Institute, National Center for Atmospheric Research, National Renewable Energy Laboratory, Gottlieb Institute
