Snowflake
SaaS
Security Engineer - Threat Detection
Neural analysis suggests this role is optimal for Mid+ candidates.
“Security Engineer - Threat Detection at Snowflake. Skills: AI/ML-powered use cases in detection and response, Threat Detection Program enhancement, AI and automation in threat detection, triage, and response, Building, maintaining, and evolving detections and supporting pipelines, Data-driven decisions based on threat models, proactive threat hunts, and data science–oriented exploration of logs and telemetry, Designing and building automations and AI-driven workflows. Enhance Snowflake’s Threat ”
What You'll Achieve.
Enhance Snowflake’s Threat Detection Program; Extend the reach and impact of Threat Detection across Snowflake; Protect our customers and our environment at cloud scale; Reduce mean time to detect and respond; Improve signal-to-noise ratio or analyst efficiency; Raise the bar for defenders
Industry & Context.
Solve problems; Accelerate your impact; Analyze gaps; Mitigate risks; Data science–oriented exploration of logs and telemetry
What They're Looking For.
Must Have
- Security Engineering Experience (Threat Detection, Incident Response, Threat Hunting, Product Security, Corporate Security, or other related disciplines)
- Solid experience writing code—whether in software engineering, data engineering, or building automations (Python, Go, etc.), with a desire to apply these skills to AI/ML-powered use cases in detection and response.
- Experience collaborating with various security teams and stakeholders
- Ability to review and analyze logging and observability requirements that support detection and response
- A risk-based approach to security to help prioritize key security initiatives and determine when AI provides meaningful value over traditional rules and heuristics.
- Knowledge of the current security landscape with domain knowledge in several of: cloud security, identity and access, SaaS security, endpoint security, data security, and insider risk.
- An automation-first mindset for scaling security, including comfort with CI/CD, infrastructure as code, and “detections as code.”
- Experience with development in a high-level programming language (Go, Python, etc.), and comfort applying those skills to data-heavy, automation, or AI-related projects.
- Experience handling data programmatically (SQL, Python, etc.), ideally including large-scale log and telemetry datasets used for detection logic or analytics.
- Experience writing production code including unit tests, version control, and CI/CD integration.
- Experience with at least one major cloud provider (AWS, Azure, GCP) and understanding of its native logging, monitoring, and security services.
- Familiarity with the risks that impact SaaS products and workstations (e.g., account compromise, data exfiltration, phishing, supply chain attacks)
Nice to Have
- Computer Science degree or equivalent practical experience
- Experience developing and working with systems that utilize infrastructure as code (e.g., Terraform, CloudFormation), and/or “detections as code” frameworks
- Experience building and maintaining production-level software or platforms that process high-volume data streams (e.g., logging, metrics, traces) or power security analytics
- Experience deploying detections at a global scale
- Experience with Snowflake or equivalent cloud data platforms, including building data pipelines or analytics that could support security workloads
What You'll Do.
Enhance Snowflake’s Threat Detection Program
Extend the reach and impact of Threat Detection across Snowflake, with AI and automation as core primitives in how we detect, triage, and respond to threats.
Combine security expertise with engineering skills to build, maintain, and evolve detections and supporting pipelines.
Create, optimize, and continuously improve detections that mitigate identified risks.
Make recommendations for detective and preventative controls.
Design and build automations and AI-driven workflows that enhance our security posture and reduce mean time to detect and respond.
Develop and deploy detections using modern engineering practices (testing/validation
detection development lifecycle
including both rules-based and AI-assisted detections.
Mature our threat detection program by analyzing gaps and mitigating risks via detective controls, including experimentation with AI/ML approaches where they improve signal-to-noise ratio or analyst efficiency.
Build and maintain partnerships with our stakeholders to provide detection as a service, including self-service patterns, and AI-enhanced detections that support their domains.
Continuously measure and improve detection quality (coverage
How You'll Work.
Team & Collaboration
Experience collaborating with various security teams and stakeholders; Partner with stakeholders across Security and Engineering; Build and maintain partnerships with our stakeholders to provide detection as a service
Full Job Description
At Snowflake, we are powering the era of the agentic enterprise. To usher in this new era, we seek AI-native thinkers across every function who are energized by the opportunity to reinvent how they work. You don’t just use tools; you possess an innate curiosity, treating AI as a high-trust collaborator that is core to how you solve problems and accelerate your impact. We look for low-ego individuals who thrive in dynamic and fast-moving environments and move with an experimental mindset — who rapidly test emerging capabilities to discover simpler, more powerful ways to deliver results. At Snowflake, your role isn't just to execute a function, but to help redefine the future of how work gets done.
Snowflake has developed a world class cloud data platform that is effective, affordable and accessible to all data users. As we continue to scale globally, we are investing heavily in AI-powered threat detection and response to protect our customers and our environment at cloud scale.
We are looking for a Security Engineer – Threat Detection who will help enhance Snowflake’s Threat Detection Program and extend the reach and impact of Threat Detection across Snowflake, with AI and automation as core primitives in how we detect, triage, and respond to threats. You will combine security expertise with strong engineering skills to build, maintain, and evolve detections and supporting pipelines. The ideal candidate seeks to gain a strong understanding of the Snowflake Product and Corporate environment, then uses that knowledge to create, optimize, and continuously improve detections that mitigate identified risks.
You will partner with stakeholders across Security and Engineering, making informed, data-driven decisions based on threat models, proactive threat hunts, and data science–oriented exploration of logs and telemetry. You will make recommendations for detective and preventative controls, and you will design and build automations and AI-driven workflows that enhance our s
How to Apply on Ashby
- Ashby is a fast modern ATS — most applications take under 3 minutes.
- The resume parser is strong; verify parsed experience dates and job titles.
- Custom screening questions are often scored algorithmically — answer completely.
- Location field affects geo-based screening; use your actual metro area.