Senior Penetration Tester (Product Security)

See more jobs from Snowflake Inc.

over 1 year old

This job is no longer active

We’re at the forefront of the data revolution, committed to building the world’s greatest data and applications platform. Our ‘get it done’ culture allows everyone at Snowflake to have an equal opportunity to innovate on new ideas, create work with a lasting impact, and excel in a culture of collaboration.

WHAT YOU NEED:

  • You break things, and you want to break them anywhere, in any cloud - and you have solid 5+ years of experience doing that.
  • You eat and sleep offensive security research, bug bounties, CTFs, fuzzing, tools, and techniques.
  • You find and exploit bugs in:
    • C++, Java, JavaScript, Go, and Python
    • Kubernetes, AWS, GCP, or Azure
    • Memory management, namespaces, cgroups, etc.
  • You have a passion for writing code to solve problems combined with an interest in Offensive Security.
  • You can demonstrate a strong background in one of the following languages:
    • Golang, Python, Java, JavaScript, C++, C
  • Strong communications skills to comfortably work cross-functionally across the organization.
  • You are a strong communicator who is comfortable working cross-functionally, with a track record of delivering results.

WHAT YOU WILL DO: 

  • Develop tools, methodologies and infrastructure to support penetration testing engagements in a variety of cloud environments and novel platforms.
  • Perform penetration testing engagements against a diverse cloud environment and find vulnerabilities in software, systems, and networks.
  • Set scope, objectives, and timelines for penetration testing engagements and leverage data to create useful metrics.
  • Work with security and engineering teams to communicate findings, recommendations, and knowledge to key stakeholders.
  • Play a critical role in building an AppSec program that has a wide scope and impact.

WHY YOU SHOULD WORK WITH US:

  • We are laser focused on doing security better, and we do not tolerate the status quo.
  • Snowflake AppSec program is very innovative - think about Threat Modeling as Code, autonomous security champions and developer-driven security where the engineers write security unit tests themselves.
  • We are exploring new security domains across clouds and through the Snowflake platform.
  • We have strong demand from our customers, and support from the business for security.
  • We are a great team that combines a diverse set of backgrounds and skills.
  • Did we mention we are one of the fastest-growing software companies, ever? The opportunity for impact is enormous.