Snowflake Platform Engineer

About The Position

Requirements

• Bachelor’s degree, or equivalent work experience
• Five to six years of relevant experience.
• 5+ years of software engineering experience with a strong focus on infrastructure, platform, or cloud‑native systems
• 2+ years of Snowflake administration at the account/platform level (beyond SQL development)
• Advanced Terraform expertise, including reusable module design, remote state management, provider versioning, and CI/CD integration
• Deep experience with Azure networking, including Private Link, VNet peering, Private DNS Zones, and Network Security Groups (NSGs)
• Strong background in identity and access management, including Entra ID (Azure AD), SAML, SCIM, and OAuth 2.0
• Hands‑on experience with secrets management using HashiCorp Vault and/or Azure Key Vault
• Proven experience building and maintaining CI/CD pipelines, preferably GitLab CI, with policy‑as‑code enforcement
• Strong security mindset, including RBAC design, least‑privilege access, and audit logging

Nice To Haves

• Snowflake certifications, such as SnowPro Advanced (Architect or Administrator)
• Experience with Snowflake Business Critical Edition, including Tri‑Secret Secure and customer‑managed keys
• Familiarity with CrowdStrike Falcon Shield or similar SSPM/security posture management tools
• Experience with the Databricks platform, including coexistence or integration architectures
• Background working in financial services or regulated environments (SOX, GLBA, CCPA)
• Hands‑on experience with IaC security scanning tools (e.g., Checkov, tfsec, Semgrep)
• Working knowledge of Kubernetes / AKS, particularly for workloads integrating with Snowflake

Responsibilities

• Design, build, and operate the enterprise Snowflake data platform supporting multiple business domains (Finance, HR, Supply Chain)
• Own the Snowflake platform lifecycle, including account topology, RBAC, network architecture, governance, CI/CD automation, and disaster recovery
• Build and maintain multi‑account Snowflake environments (PROD / NONPROD / DEV) on Snowflake Business Critical edition
• Implement secure Azure Private Link connectivity, including private endpoints, Private DNS Zones, and network policy enforcement
• Develop and maintain Terraform modules to automate provisioning of Snowflake resources (databases, schemas, warehouses, roles, tags, monitors, integrations)
• Enable self‑service platform consumption through validated YAML manifests deployed via Shield CI/CD pipelines
• Integrate Snowflake with Entra ID (Azure AD) using SAML SSO, SCIM provisioning, and enterprise RBAC patterns
• Manage service account authentication, secrets, and key rotation using HashiCorp Vault and Azure Key Vault
• Enforce security and compliance controls, including data masking, row‑level security, object tagging, audit logging, and policy‑as‑code
• Embed infrastructure and supply‑chain security scanning into CI/CD pipelines (Checkov, tfsec, Semgrep, Snyk)
• Design for resiliency and cost efficiency, including warehouse sizing, resource monitors, cost allocation tags, and chargeback reporting
• Own cross‑region disaster recovery, replication strategies, and RPO/RTO adherence
• Govern secure data sharing patterns and monitor data sharing usage and approvals
• Partner with Cloud, IAM, Security, and FinOps teams to ensure alignment with enterprise standards and regulatory requirements

Benefits

• Healthcare (medical, dental, vision)
• Basic term and optional term life insurance
• Short-term and long-term disability
• Pregnancy disability and parental leave
• 401(k) and employer-funded retirement plan
• Paid vacation (from two to five weeks depending on salary grade and tenure)
• Up to 11 paid holiday opportunities
• Adoption assistance
• Sick and Safe Leave accruals of one hour for every 30 worked, up to 80 hours per calendar year unless otherwise provided by law