Snowflake
cloud data platform
PrincipalSecurityEngineer-ThreatIntelligence
Neural analysis suggests this role is
optimal for Principal candidates.
“Principal Security Engineer - Threat Intelligence at Snowflake. Skills: threat intelligence, AI and automation, engineering, program leadership, adversary intelligence, intrusion intelligence, supply-chain intelligence, identity intelligence, domain intelligence, threat-informed defense, cloud security, SaaS security. Help define and mature the strategy for Threat Intelligence at Snowflake. Identify, profile, and track threat actors targeting Snowflake, our customers, partners, and ecosystem”
Industry & Context.
solve problems; accelerate your impact; map those risks to Snowflake’s product, enterprise, and customer environment; analytical rigor
What They're Looking For.
Must Have
Deep experience in threat intelligence, with background in several of: adversary intelligence, intrusion intelligence, supply-chain intelligence, identity intelligence, domain intelligence, and threat-informed defense., understanding of today’s threat actor ecosystem, including nation-state actors, criminal organizations, ransomware groups, fraud ecosystems, and the platforms and communities that enable them., Demonstrated ability to operationalize threat intelligence and influence security priorities in partnership with detection, incident response, product security, cloud security, anti-abuse, and other stakeholders., engineering skills, including experience writing code in high-level languages such as Python or Go, building automations, and working with data-heavy security workflows., Experience building or driving AI-assisted workflows for intelligence analysis, research triage, summarization, collection, prioritization, or investigative support, and good judgment about where AI adds value versus where human analysis is required., Ability to research threat actors’ TTPs, infrastructure, targets, and objectives, and map those risks to Snowflake’s product, enterprise, and customer environment., Experience with OSINT tools, data sources, investigative methodologies, and intelligence reporting for technical and executive audiences., understanding of threat hunting and threat detection methodologies, and the ability to turn intelligence into hunts, detection opportunities, and control recommendations., A risk-based approach to security, with the ability to prioritize work based on business impact and evolving threat conditions., Significant experience in threat intelligence, cyber threat research, intelligence engineering, or closely related security disciplines., Experience researching and tracking sophisticated threat actors targeting cloud-native and SaaS environments., Experience writing code in a high-level programming language such as Python or Go and using code to automate manual workflows or analyze security data at scale., Experience handling data programmatically using tools such as SQL and Python, ideally against large datasets relevant to security analytics or intelligence workflows., Experience collaborating across multiple security functions and communicating effectively with technical stakeholders and leadership., understanding of enterprise security controls, threat hunting, and detection methodologies., Experience with one or more major cloud providers (AWS, Azure, GCP) and familiarity with the risks that impact cloud and SaaS environments.
Nice to Have
Experience leading or materially shaping a Threat Intelligence program at scale., Experience building AI/ML-assisted security workflows or evaluating AI systems for security use cases., Experience with data engineering, workflow orchestration, or production-grade systems that support intelligence or security operations at scale., Experience with Snowflake or equivalent cloud data platforms for large-scale analysis and investigative workflows., Experience presenting externally, publishing research, or demonstrating thought leadership in the security space., Experience building capabilities that support intelligence-driven detection, hunting, or response at a global scale.
What You'll Do.
Help define and mature the strategy for Threat Intelligence at Snowflake
and track threat actors targeting Snowflake
Operationalize threat intelligence to help prioritize security initiatives and drive action
Produce high-quality intelligence reports
and leadership-ready communications
Engineer solutions that improve the efficiency
and impact of the Threat Intelligence program
Build and improve AI-assisted intelligence workflows
Partner closely with Threat Detection
and other security teams to convert intelligence into detections
and control recommendations
and external developments for threat events
Drive standards for how intelligence is curated
Mentor other engineers and analysts
How You'll Work.
Team & Collaboration
building durable partnerships across Security and Engineering; partnership with detection, incident response, product security, cloud security, anti-abuse, and other stakeholders; Partner closely with Threat Detection, Incident Response, and other security teams; team-oriented mindset with a bias toward collaboration
Communication Scope
intelligence reporting for technical and executive audiences; communicating effectively with technical stakeholders and leadership; leadership-ready communications
Process & Methodology
driving program maturity
Full Job Description
At Snowflake, we are powering the era of the agentic enterprise. To usher in this new era, we seek AI-native thinkers across every function who are energized by the opportunity to reinvent how they work. You don’t just use tools; you possess an innate curiosity, treating AI as a high-trust collaborator that is core to how you solve problems and accelerate your impact. We look for low-ego individuals who thrive in dynamic and fast-moving environments and move with an experimental mindset — who rapidly test emerging capabilities to discover simpler, more powerful ways to deliver results. At Snowflake, your role isn't just to execute a function, but to help redefine the future of how work gets done. Snowflake has developed a world class cloud data platform that is effective, affordable and accessible to all data users. As we continue to scale globally, we are investing in security capabilities that help us better understand, anticipate, and mitigate threats targeting Snowflake, our customers, and our ecosystem. We are looking for a Principal Security Engineer - Threat Intelligence who will help shape the next phase of Snowflake’s Threat Intelligence program and extend the reach and impact of Threat Intelligence across Snowflake. This role will combine deep intelligence expertise with strong engineering and program leadership skills, with AI and automation as core primitives in how we collect, analyze, prioritize, and operationalize intelligence. The ideal candidate will help Snowflake leadership and security stakeholders make informed, risk-based, and data-driven decisions based on actionable threat intelligence. You will identify and track threat actors targeting cloud-native environments such as Snowflake, translate intelligence into concrete defensive outcomes, and build scalable approaches that improve how intelligence is delivered across the company. This is a principal-level individual contributor role for someone who can operate strategically and technically: dr
Applying for this Principal Security Engineer - Threat Intelligence role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
How to Apply on Ashby
- Ashby is a fast modern ATS — most applications take under 3 minutes.
- The resume parser is strong; verify parsed experience dates and job titles.
- Custom screening questions are often scored algorithmically — answer completely.
- Location field affects geo-based screening; use your actual metro area.
ANONYMOUS · UNFILTERED
What do employees actually say about Snowflake?
Real rants from real employees. Read before you apply.