Security Triage Analyst

We’re at the forefront of the data revolution, committed to building the world’s greatest data and applications platform. Our ‘get it done’ culture allows everyone at Snowflake to have an equal opportunity to innovate on new ideas, create work with a lasting impact, and excel in a culture of collaboration.

AS A SECURITY TRIAGE ANALYST AT SNOWFLAKE, YOU WILL:

  • Be part of a global team and learn from the industry’s best-in-class experts.
  • Serve as the front line of our Incident Response Team.
  • Triage security alerts and take remediation or escalation actions.
  • Participate in an on-call rotation.
  • Hone your technical and analytical skills while gaining invaluable experience.

OUR IDEAL SECURITY TRIAGE ANALYST WILL HAVE:

  • Experience analyzing emails and determining if they are phishing.
    • Email header analysis.
    • URL analysis.
    • Basic Dynamic & Static file analysis.
  • Basic knowledge of SQL.
    • Ability to read and write SQL queries and operate across multiple tables.
    • Knowledge to modify existing SQL queries to solve new problems.
  • Basic knowledge of Cloud Computing & Infrastructure. Examples include:
    • Speaking intelligently about: Virtual Machines, Web Servers, Load Balancers, Reverse Proxies, Firewalls, etc.
    • Can explain the benefits of serverless computing (e.g., AWS Lambda).
    • Basic experience with one or more of the top three cloud providers (AWS, Azure, GCP).
  • Basic knowledge of Networking. Examples include:
    • TCP/IP, OSI Model, Subnetting, VLAN, NAT, DNS, etc.
  • Experience with the Linux CLI. Examples include:
    • Ability to navigate the OS & execute basic commands.
    • Interact with files and directories (e.g. create, read, update, delete).
    • Know important files & directories (e.g. /etc/shadow, /var/log/, etc.).
    • Understand user & file permissions.
  • Basic understanding of Containerization. Examples include:
    • Experience running a Dockerized application in the cloud or locally.
    • Ability to explain benefits and drawbacks of containerization.

BONUS POINTS FOR EXPERIENCE WITH THE FOLLOWING:

  • Prior experience using Snowflake.
  • Python Programming.
  • Regular Expressions.
  • Knowledge and use of APIs.
  • Experience working with a low-code / no-code automation or SOAR platform.
  • Knowledge of Industry Standard Security Frameworks/Processes:
    • MITRE ATT&CK
    • NIST/SANS Incident Response
    • Cyber Kill Chain
  • Basic understanding of Infrastructure as Code (IaC).