Build the future of the AI Data Cloud. Join the Snowflake team.
We are hiring a Senior Director and Associate General Counsel - Security. This role will manage a team responsible for Legal Security matters and support Snowflake’s entire business, ranging from cybersecurity incident response, cybersecurity laws, industry and government certifications, cybersecurity by design, and global cybersecurity compliance. We are looking for someone willing to dig in and help build a world-class security program in a quickly evolving environment. This is a management position and reports to Snowflake’s VP and Deputy General Counsel - Corporate, Trust, and Employment. It is in-person in either San Mateo, CA, Dublin, CA, Bellevue, WA, or McClean, VA.
RESPONSIBILITIES :
Incident Response.
Drive Snowflake’s cross-functional response to security and data incidents in partnership with the Security teams. Involves quickly, pragmatically, and thoroughly handling a wide range of investigations and responses in partnership with multiple stakeholders, including Security, Engineering, Support, other Legal teams, and outside counsel.
Assist Snowflake’s Security and Compliance teams in maintaining a comprehensive security incident and vulnerability response program, including threat detection, investigation, containment and mitigation.
Advise on Snowflake’s insider threat program.
Regulatory and Customer Engagement. Help drive Snowflake’s communications with regulatory bodies and customers regarding cybersecurity issues, including incidents and our security program in general.
Certifications and New Markets.
Assist with achieving and maintaining public and private sector security certifications and standards.
Support Snowflake’s entry into new geographies and regulated markets with heightened cybersecurity requirements.
Help structure Snowflake’s public sector security compliance program and clearance requirements, which includes U.S. federal government and SLED markets as well as non-U.S. government markets.
Compliance.
Analyze and ensure compliance with global cybersecurity laws like NIS2 and DORA.
Work with Security, Product, and Marketing teams to review public statements about security.
Product Security. Provide security by design product counseling.
Commercial. Advise the Legal Commercial teams on cybersecurity contract negotiations and related issues for customers, partners, and vendors.
REQUIREMENTS :
Strong communication skills, including executive communications
10+ years as a practicing cybersecurity attorney; 15+ years professional experience
Experience with information security frameworks and compliance (i.e., NIST 800-53, ISO27001, SOC 1 and SOC 2)
Experience with U.S. cybersecurity laws, regulations and standards (i.e., Computer Fraud and Abuse Act, Cybersecurity Information Sharing Act, Electronic Communications and Privacy Act) and general familiarity with global cybersecurity laws, regulations and standards
BA/BS and JD from an accredited law school
U.S. security clearance is a plus
Attitude that no project is too big or too small
Experience managing attorneys
Comfort working in an extremely fast-paced environment
Sense of humor
Every Snowflake employee is expected to follow the company’s confidentiality and security standards for handling sensitive data. Snowflake employees must abide by the company’s data security plan as an essential part of their duties. It is every employee's duty to keep customer information secure and confidential.
Snowflake is growing fast, and we’re scaling our team to help enable and accelerate our growth. We are looking for people who share our values, challenge ordinary thinking, and push the pace of innovation while building a future for themselves and Snowflake.
How do you want to make your impact?