Snowflake12.05.2026

Principal Security Engineer - Threat Intelligence

Полная занятостьУдалёнка

Обязанности

  • 01Help define and mature the strategy for Threat Intelligence at Snowflake, including where the program should invest in people, processes, engineering, and AI-enabled capabilities
  • 02Identify, profile, and track threat actors targeting Snowflake, our customers, partners, and ecosystem, and translate that intelligence into relevant, actionable outcomes
  • 03Operationalize threat intelligence to help prioritize security initiatives and drive action with the relevant security teams and stakeholders
  • 04Produce high-quality intelligence reports, assessments, briefs, and leadership-ready communications based on external events, internal requirements, and proactive research
  • 05Engineer solutions that improve the efficiency, scale, and impact of the Threat Intelligence program, including automations, collection pipelines, enrichment workflows, and analyst tooling
  • 06Build and improve AI-assisted intelligence workflows for tasks such as report triage, signal enrichment, summarization, vendor/customer monitoring, and threat-informed hunts, with strong measurement and quality
  • 07Partner closely with Threat Detection, Incident Response, and other security teams to convert intelligence into detections, threat hunts, investigative pivots, and control recommendations
  • 08Monitor alerts, intelligence feeds, vendor reporting, and external developments for threat events that may affect Snowflake
  • 09Drive standards for how intelligence is curated, evaluated, delivered, and measured so the program remains high-signal, timely, and scalable
  • 10Mentor other engineers and analysts by raising the team’s technical depth, analytic rigor, and operational maturity

Требования

  • 01Deep experience in threat intelligence, with strong background in several of: adversary intelligence, intrusion intelligence, supply-chain intelligence, identity intelligence, domain intelligence, and threat-informed defense
  • 02Strong understanding of today’s threat actor ecosystem, including nation-state actors, criminal organizations, ransomware groups, fraud ecosystems, and the platforms and communities that enable them
  • 03Demonstrated ability to operationalize threat intelligence and influence security priorities in partnership with detection, incident response, product security, cloud security, anti-abuse, and other stakeholders
  • 04Strong engineering skills, including experience writing code in high-level languages such as Python or Go, building automations, and working with data-heavy security workflows
  • 05Experience building or driving AI-assisted workflows for intelligence analysis, research triage, summarization, collection, prioritization, or investigative support, and good judgment about where AI adds value versus where human analysis is required
  • 06Ability to research threat actors’ TTPs, infrastructure, targets, and objectives, and map those risks to Snowflake’s product, enterprise, and customer environment
  • 07Experience with OSINT tools, data sources, investigative methodologies, and intelligence reporting for technical and executive audiences
  • 08Strong understanding of threat hunting and threat detection methodologies, and the ability to turn intelligence into hunts, detection opportunities, and control recommendations
  • 09A risk-based approach to security, with the ability to prioritize work based on business impact and evolving threat conditions
  • 10A humble, team-oriented mindset with a bias toward collaboration, execution, and raising the bar for the broader team
  • 11Significant experience in threat intelligence, cyber threat research, intelligence engineering, or closely related security disciplines
  • 12Experience researching and tracking sophisticated threat actors targeting cloud-native and SaaS environments