Security Engineer, Anti-Abuse, Streamlit Community Cloud

See more jobs from Snowflake Inc.

over 1 year old

This job is no longer active

Build the future of data. Join the Snowflake team.

We are looking for motivated, passionate experts in security engineering, fraud and anti-abuse to focus on protecting Streamlit Community Cloud. Streamlit is an open-source Python library that makes it easy to create and share beautiful, custom web apps for machine learning and data science. As a member of the Security and Anti-Abuse team, you’ll be responsible for building tools and strategies to defend Streamlit Community Cloud and Snowflake from bad actors and abuse. 

In this role, you will work with cross-functional partners from many teams including the Streamlit team, threat detection, incident response, and product security to analyze abuse vectors and define roadmaps and strategies. You will be responsible for anticipating and protecting against abuse threats, building necessary tools, and defining abuse detection and response playbooks.

RESPONSIBILITIES :

  • Understand and identify gaps in our anti-abuse strategy and work with stakeholders to develop an anti-abuse roadmap for Streamlit Community Cloud.
  • Evaluate the capabilities of existing security tools to detect abuse (e.g., cryptomining on the platform) and make recommendations when to buy and when to build in-house.
  • Work with stakeholders to develop, integrate and deploy abuse detection, prevention, and response capabilities.
  • Consult with development teams to provide guidance on new features and anti-abuse recommendations.
  • Operate and continuously improve existing abuse capabilities.

MINIMUM QUALIFICATIONS :

  • Bachelor's degree in Computer Science or related technical field or equivalent practical experience.
  • Fluency in one or more programming or scripting languages: Java, Python, C++, Go, JavaScript.
  • Knowledge of security engineering, computer and network security, security protocols, and applied cryptography.
  • Expert understanding of software security architecture and design, threat modeling, code review, SDLC best practices, and mitigations for common application security issues
  • Experience deploying and customizing security tools like vulnerability scanners, static analyzers, web application firewalls, endpoint security monitors to detect abuse, security threats and other risks like cryptomining, fraud detection, obfuscation/evasion techniques, etc.

PREFERRED QUALIFICATIONS :

  • Experience designing, testing, and maintaining anti-abuse solutions and/or abuse detection and response playbooks
  • Prior experience working in a high growth, cloud native technology company
  • Understanding of modern cloud technology components and deployment patterns: virtual machines, containers, Kubernetes, serverless, infrastructure as code, etc.
  • Ability to write SQL queries and build dashboards, metrics, and reports to drive security outcomes
  • Experience using CI/CD pipelines to perform automated security testing