Build the future of the AI Data Cloud. Join the Snowflake team.
We’re at the forefront of the data revolution, committed to building the world’s greatest data and applications platform. Our ‘get it done’ culture allows everyone at Snowflake to have an equal opportunity to innovate on new ideas, create work with a lasting impact, and excel in a culture of collaboration.
Snowflake is looking for a Senior Security Risk Analyst to join our Global Security Compliance & Risk team and help manage and improve on the existing program for assessing the risk of third party tools and services in use by Snowflake. You will be responsible for managing the intake process, working with constituents to collect the required information, collecting all necessary details to understand the use case for each tool or service, and reviewing the required documentation and evidence to meet the security controls required based on the use case. You will help identify and manage Third Party security risk to protect Snowflake assets.
AS THE SENIOR SECURITY RISK ANALYST - TPRM, YOU WILL:
Perform ongoing third party security risk assessments to help Snowflake identify and evaluate security risks
Support and monitor remediation efforts of identified gaps, perform remediation audit to validate the closure
Review and process incoming requests for security assessment of new products and services
Review all evidence provided to compare vendor security controls to Snowflake data protection requirements
Assess and manage security findings from various vendor security monitoring systems
Develop and improve security documentation
Work cross-functionally to ensure team objectives are achieved
Take risk-based approach to review security agreement
Measure effectiveness of the program and ensure SLA is met
OUR IDEAL SENIOR SECURITY RISK ANALYST - TPRM WILL HAVE:
6+ years of experience in security compliance role with 3+ years previous experience in third party security risk
Understanding of a broad set of security best practices (e.g., application security, secure software development lifecycles, risk management, data protection, encryption & key management, identity and access management, security operations, security governance, network security, etc.) and technologies
Flexibility to work during different time zones
Exceptional communication skills, including perfect written English
Familiarity with PCI-DSS, HIPAA, SOC1, SOC2, GDPR, and/or ISO standards and frameworks
Previous role that requires exceptional organizational skills. Ability to analyze, organize and prioritize multiple tasks and meet deadlines
Technical competence sufficient to understand and explain complicated security concepts to various Snowflake stakeholders possessing varying levels of cybersecurity skill and understanding
Self-motivated problem solver who is comfortable engaging with high paced and complex environment
Work independently as well as collaboratively within a team environment. Ability to translate ambiguous directives into relevant action items and deliverables
Ability to think strategically and plan effectively, with attention to details and a strong ownership ethic and intense focus on accuracy and accountability
Extremely high ethical standards as proven by successful background checks and references
Previous experience working with a variety of personalities from a variety of cultures
BONUS POINTS FOR EXPERIENCE WITH THE FOLLOWING:
Proficiency in use of JIRA, Confluence, and ServiceNow
Proven experience in reviewing and negotiating security agreements
Security certification, such as CISSP, CCSP, CISA, Security+
AWS, Azure, Google Cloud, or other major Cloud Provider experience
Snowflake is growing fast, and we’re scaling our team to help enable and accelerate our growth. We are looking for people who share our values, challenge ordinary thinking, and push the pace of innovation while building a future for themselves and Snowflake.
How do you want to make your impact?