Anti-Abuse Threat Detection Engineer

over 1 year old

This job is no longer active

Build the future of data. Join the Snowflake team.

The Anti-Abuse Team works to proactively identify, prevent, detect and respond to abuse threats before they harm Snowflake, its users, or third parties. We own malicious code scanning infrastructure, abuse risk consultations with product teams, abuse threat detection and incident response. We collaborate closely with the product security and global security threat detection and incident response teams. The team is distributed between the Bellevue, WA and San Mateo, CA offices.

RESPONSIBILITIES

  • Identify abuse signals, write detections and respond to abuse incidents across the Snowflake platform.
  • Operate and continuously improve existing abuse detection and response capabilities.
  • Evaluate the abuse detection capabilities of third-party security tools (e.g., for cryptomining on the platform) and make recommendations on when to buy and when to build in-house.
  • Collect, transform, and ingest raw data from disparate sources into threat detection pipelines.
  • Develop and share knowledge of abuse analysis/investigation tools and techniques.
  • Identify threat detection data and capability requirements for new product launches and work with product teams on addressing those requirements.
  • Write proof of concept solutions demonstrating exploitation of abusable platform features and capabilities.

MINIMUM QUALIFICATIONS

  • 2+ years of threat detection and incident response experience.
  • Expert knowledge of Python and SQL, and familiarity with other programming languages.
  • Knowledge of security engineering, computer and network security, security protocols, and applied cryptography.
  • Ability to write SQL queries and build dashboards, metrics, and reports to drive desired security outcomes.
  • Ability to communicate results clearly and focus on impact.

PREFERRED QUALIFICATIONS

  • 4+ years of threat detection and incident response experience.
  • Experience with abuse risk identification, prevention, detection, and response.
  • Experience with the Snowflake data cloud.
  • Familiarity with big data analysis and query optimization.
  • Good grasp of the security controls of one of the major cloud providers (AWS, Azure, GCP).
  • An adversarial mindset, understanding the objectives and TTPs of abuse threat actors.