Security Engineer - Threat Detection

About The Position

Requirements

• Security Engineering Experience (Threat Detection, Incident Response, Threat Hunting, Product Security, Corporate Security, or other related disciplines)
• Solid experience writing code—whether in software engineering, data engineering, or building automations (Python, Go, etc.), with a desire to apply these skills to AI/ML-powered use cases in detection and response.
• Experience collaborating with various security teams and stakeholders
• Ability to review and analyze logging and observability requirements that support detection and response
• A risk-based approach to security to help prioritize key security initiatives and determine when AI provides meaningful value over traditional rules and heuristics.
• Knowledge of the current security landscape with domain knowledge in several of: cloud security, identity and access, SaaS security, endpoint security, data security, and insider risk.
• An automation-first mindset for scaling security, including comfort with CI/CD, infrastructure as code, and “detections as code.”
• Be a humble, team-oriented engineer who prioritizes team success in a zero-ego environment.
• Experience with development in a high-level programming language (Go, Python, etc.), and comfort applying those skills to data-heavy, automation, or AI-related projects.
• Experience handling data programmatically (SQL, Python, etc.), ideally including large-scale log and telemetry datasets used for detection logic or analytics.
• Experience writing production code including unit tests, version control, and CI/CD integration.
• Experience with at least one major cloud provider (AWS, Azure, GCP) and understanding of its native logging, monitoring, and security services.
• Familiarity with the risks that impact SaaS products and workstations (e.g., account compromise, data exfiltration, phishing, supply chain attacks)

Nice To Haves

• Computer Science degree or equivalent practical experience
• Experience developing and working with systems that utilize infrastructure as code (e.g., Terraform, CloudFormation), and/or “detections as code” frameworks
• Experience building and maintaining production-level software or platforms that process high-volume data streams (e.g., logging, metrics, traces) or power security analytics
• Experience deploying detections at a global scale
• Experience with Snowflake or equivalent cloud data platforms, including building data pipelines or analytics that could support security workloads

Responsibilities

• Develop and deploy detections using modern engineering practices (testing/validation, CI/CD pipelines, detections as code, detection development lifecycle, etc.), including both rules-based and AI-assisted detections.
• Mature our threat detection program by analyzing gaps and mitigating risks via detective controls, including experimentation with AI/ML approaches where they improve signal-to-noise ratio or analyst efficiency.
• Build and maintain strong partnerships with our stakeholders to provide detection as a service, including self-service patterns, reusable components, and AI-enhanced detections that support their domains.
• Continuously measure and improve detection quality (coverage, precision/recall, false positive rate, latency)

Benefits

• We are laser focused on doing security in the agentic era, and we do not tolerate the status quo
• We have strong demand from our customers and strong support from the business for security, giving us both mandate and runway to invest in next-generation, AI-driven detection and response capabilities
• We are a great team with a diverse set of backgrounds and skills and we are excited to add engineers who want to push the frontier of AI in security
• You want to be part of a team solving Security Threat Detection at a global scale, leveraging Snowflake’s own data platform and AI capabilities to build detections and workflows that meaningfully raise the bar for defenders
• Did we mention we are one of the fastest-growing software companies ever? The opportunity for impact—on both Snowflake and the broader security ecosystem—is enormous
• Snowflake is growing fast, and we’re scaling our team to help enable and accelerate our growth. We are looking for people who share our values, challenge ordinary thinking, and push the pace of innovation while building a future for themselves and Snowflake.