Senior Incident Response Engineer


  • Full Time

Build the future of data. Join the Snowflake team.


Snowflake is growing fast and we’re scaling our team to help enable and accelerate our growth. We’re passionate about our people, our customers, our values and our culture! We’re also looking for people with a growth mindset and the pragmatic insight to solve for today while building for the future. And as a Snowflake employee, you will be accountable for supporting and enabling diversity and belonging.

Snowflake started with a clear vision: make modern data warehousing effective, affordable, and accessible to all data users. Because traditional on-premises and cloud solutions struggle with this, Snowflake developed an innovative product with a new built-for-the-cloud architecture that combines the power of data warehousing, the flexibility of big data platforms, and the elasticity of the cloud at a fraction of the cost of traditional solutions.


  • Join a high-impact team of security experts to scale security at one of the fastest-growing software companies ever
  • Handle escalations, and lead security investigations and incidents as Incident Commander
  • Maintain playbooks and develop comprehensive and well-structured incident reports
  • Build scripts, tools, and methodologies to enhance Snowflake incident response
  • Partner closely with our Threat Detection, Automation, Product Security, Legal, HR, Cloud and Data teams
  • Create and improve detections and threat signatures
  • Participate periodically in an on-call rotation, which may involve non-traditional working hours


  • Strong experience in IR, security investigations, and running incidents as the incident commander
  • Experience using investigative tools such as EDR, DLP, SIEM, and SOAR
  • Automation experience in Python and comfort with SQL
  • Excellent understanding of cloud security
  • Ability to convert long-term strategy into short- and long-term objectives
  • Significant experience leading security projects 
  • Knowledge of network and web protocols, and an in-depth knowledge of Linux/Unix tools and architecture
  • Experience conducting forensics investigations on Unix or Windows hosts
  • Knowledge of dynamic and static malware analysis


Snowflake is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, color, gender identity or expression, marital status, national origin, disability, protected veteran status, race, religion, pregnancy, sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances.  
