Principal Security Engineer – Threat Intelligence

🕒 May 15

🇺🇸 United States – Remote

💵 $249k - $311k / year

⏰ Full Time

🔴 Lead

👮‍♂️ Cybersecurity / Security Engineer

🦅 H1B Visa Sponsor

This company has sponsored H1B visas in the past.

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Snowflake

WebsiteLinkedInAll Job Openings

5001 - 10000 employees

Founded 2012

☁️ SaaS

Cloud Computing • Data Analytics • SaaS

Snowflake is a cloud-based data-warehousing company that provides a platform for data storage, processing, and analytics. It allows businesses to store data in a centralized location and perform complex queries and analytics on that data efficiently. Snowflake is designed to handle a wide range of data workloads and can scale dynamically to meet the needs of growing businesses.

📋 Description

• Help define and mature the strategy for Threat Intelligence at Snowflake, including where the program should invest in people, processes, engineering, and AI-enabled capabilities. • Identify, profile, and track threat actors targeting Snowflake, our customers, partners, and ecosystem, and translate that intelligence into relevant, actionable outcomes. • Operationalize threat intelligence to help prioritize security initiatives and drive action with the relevant security teams and stakeholders. • Produce high-quality intelligence reports, assessments, briefs, and leadership-ready communications based on external events, internal requirements, and proactive research. • Engineer solutions that improve the efficiency, scale, and impact of the Threat Intelligence program, including automations, collection pipelines, enrichment workflows, and analyst tooling. • Build and improve AI-assisted intelligence workflows for tasks such as report triage, signal enrichment, summarization, vendor/customer monitoring, and threat-informed hunts, with strong measurement and quality. • Partner closely with Threat Detection, Incident Response, and other security teams to convert intelligence into detections, threat hunts, investigative pivots, and control recommendations. • Monitor alerts, intelligence feeds, vendor reporting, and external developments for threat events that may affect Snowflake. • Drive standards for how intelligence is curated, evaluated, delivered, and measured so the program remains high-signal, timely, and scalable. • Mentor other engineers and analysts by raising the team’s technical depth, analytic rigor, and operational maturity.

🎯 Requirements

• Deep experience in threat intelligence, with strong background in several of: adversary intelligence, intrusion intelligence, supply-chain intelligence, identity intelligence, domain intelligence, and threat-informed defense. • Strong understanding of today’s threat actor ecosystem, including nation-state actors, criminal organizations, ransomware groups, fraud ecosystems, and the platforms and communities that enable them. • Demonstrated ability to operationalize threat intelligence and influence security priorities in partnership with detection, incident response, product security, cloud security, anti-abuse, and other stakeholders. • Strong engineering skills, including experience writing code in high-level languages such as Python or Go, building automations, and working with data-heavy security workflows. • Experience building or driving AI-assisted workflows for intelligence analysis, research triage, summarization, collection, prioritization, or investigative support, and good judgment about where AI adds value versus where human analysis is required. • Ability to research threat actors’ TTPs, infrastructure, targets, and objectives, and map those risks to Snowflake’s product, enterprise, and customer environment. • Experience with OSINT tools, data sources, investigative methodologies, and intelligence reporting for technical and executive audiences. • Strong understanding of threat hunting and threat detection methodologies, and the ability to turn intelligence into hunts, detection opportunities, and control recommendations. • A risk-based approach to security, with the ability to prioritize work based on business impact and evolving threat conditions. • A humble, team-oriented mindset with a bias toward collaboration, execution, and raising the bar for the broader team.

🏖️ Benefits

• We are laser focused on doing security better, and we do not tolerate the status quo. • We have strong demand from our customers and strong support from the business for security, giving us meaningful runway to build next-generation capabilities. • We are a great team with a diverse set of backgrounds and skills, and we care deeply about impact, collaboration, and execution. • You will help solve security problems at global scale, leveraging Snowflake’s platform and modern AI capabilities to raise the bar for defenders. • The opportunity for impact on Snowflake, our customers, and the broader security ecosystem is enormous.