All roles

Open role

[Remote] Principal Security Engineer - Threat Intelligence

Remote · Sri Lanka Full-time

Note: The job is a remote job and is open to candidates in USA. Snowflake is a cloud data platform company that is focused on enhancing security capabilities to mitigate threats. They are seeking a Principal Security Engineer - Threat Intelligence to lead the Threat Intelligence program, operationalize intelligence, and translate it into actionable outcomes for the organization.

Responsibilities

  • Help define and mature the strategy for Threat Intelligence at Snowflake, including where the program should invest in people, processes, engineering, and AI-enabled capabilities
  • Identify, profile, and track threat actors targeting Snowflake, our customers, partners, and ecosystem, and translate that intelligence into relevant, actionable outcomes
  • Operationalize threat intelligence to help prioritize security initiatives and drive action with the relevant security teams and stakeholders
  • Produce high-quality intelligence reports, assessments, briefs, and leadership-ready communications based on external events, internal requirements, and proactive research
  • Engineer solutions that improve the efficiency, scale, and impact of the Threat Intelligence program, including automations, collection pipelines, enrichment workflows, and analyst tooling
  • Build and improve AI-assisted intelligence workflows for tasks such as report triage, signal enrichment, summarization, vendor/customer monitoring, and threat-informed hunts, with strong measurement and quality
  • Partner closely with Threat Detection, Incident Response, and other security teams to convert intelligence into detections, threat hunts, investigative pivots, and control recommendations
  • Monitor alerts, intelligence feeds, vendor reporting, and external developments for threat events that may affect Snowflake
  • Drive standards for how intelligence is curated, evaluated, delivered, and measured so the program remains high-signal, timely, and scalable
  • Mentor other engineers and analysts by raising the team’s technical depth, analytic rigor, and operational maturity

Skills

  • Deep experience in threat intelligence, with strong background in several of: adversary intelligence, intrusion intelligence, supply-chain intelligence, identity intelligence, domain intelligence, and threat-informed defense
  • Strong understanding of today's threat actor ecosystem, including nation-state actors, criminal organizations, ransomware groups, fraud ecosystems, and the platforms and communities that enable them
  • Demonstrated ability to operationalize threat intelligence and influence security priorities in partnership with detection, incident response, product security, cloud security, anti-abuse, and other stakeholders
  • Strong engineering skills, including experience writing code in high-level languages such as Python or Go, building automations, and working with data-heavy security workflows
  • Experience building or driving AI-assisted workflows for intelligence analysis, research triage, summarization, collection, prioritization, or investigative support, and good judgment about where AI adds value versus where human analysis is required
  • Ability to research threat actors' TTPs, infrastructure, targets, and objectives, and map those risks to Snowflake's product, enterprise, and customer environment
  • Experience with OSINT tools, data sources, investigative methodologies, and intelligence reporting for technical and executive audiences
  • Strong understanding of threat hunting and threat detection methodologies, and the ability to turn intelligence into hunts, detection opportunities, and control recommendations
  • A risk-based approach to security, with the ability to prioritize work based on business impact and evolving threat conditions
  • A humble, team-oriented mindset with a bias toward collaboration, execution, and raising the bar for the broader team
  • Significant experience in threat intelligence, cyber threat research, intelligence engineering, or closely related security disciplines
  • Experience researching and tracking sophisticated threat actors targeting cloud-native and SaaS environments
  • Experience writing code in a high-level programming language such as Python or Go and using code to automate manual workflows or analyze security data at scale
  • Experience handling data programmatically using tools such as SQL and Python, ideally against large datasets relevant to security analytics or intelligence workflows
  • Experience collaborating across multiple security functions and communicating effectively with technical stakeholders and leadership
  • Strong understanding of enterprise security controls, threat hunting, and detection methodologies
  • Experience with one or more major cloud providers (AWS, Azure, GCP) and familiarity with the risks that impact cloud and SaaS environments
  • Experience leading or materially shaping a Threat Intelligence program at scale
  • Experience building AI/ML-assisted security workflows or evaluating AI systems for security use cases
  • Experience with data engineering, workflow orchestration, or production-grade systems that support intelligence or security operations at scale
  • Experience with Snowflake or equivalent cloud data platforms for large-scale analysis and investigative workflows
  • Experience presenting externally, publishing research, or demonstrating thought leadership in the security space
  • Experience building capabilities that support intelligence-driven detection, hunting, or response at a global scale

Company Overview

  • Snowflake is a cloud data platform that provides a data warehouse as a service designed for the cloud. It was founded in 2012, and is headquartered in San Mateo, California, USA, with a workforce of 5001-10000 employees. Its website is https://www.snowflake.com.
  • Company H1B Sponsorship

  • Snowflake has a track record of offering H1B sponsorships, with 216 in 2026, 405 in 2025, 265 in 2024, 154 in 2023, 182 in 2022, 113 in 2021, 98 in 2020. Please note that this does not guarantee sponsorship for this specific role.
  • More open positions

    [Remote] Data Scientist

    Work from home Full-time role

    [Remote] Full Stack Engineer | $75/hr Remote

    Work from home Full-time role

    [Remote] Lead DevOps Engineer (AWS)

    Work from home Full-time role

    [Remote] Bid Writer - German speaking - Home working/Remote

    Work from home Full-time role

    [Remote] Cloud Engineer (Infrastructure Systems)

    Work from home Full-time role

    QA Specialist

    Work from home Full-time role

    Remote Audiologist in KS

    Work from home Full-time role

    Senior Golang Engineer

    Work from home Full-time role

    Sr HR Operations Specialist

    Work from home Full-time role

    Site Merchandising Specialist

    Work from home Full-time role

    Hillsborough Community College

    Work from home Full-time role

    Associate Attorney – Workers’ Compensation Defense (Remote)

    Work from home Full-time role

    Clinical Applications Specialist - Cardiology (GA/LA/Northern FL)

    Work from home Full-time role

    [Remote] TERRITORY SALES MANAGER

    Work from home Full-time role

    Part-Time Remote Data Entry Specialist – Precision Data Management for careerzynith – $25/hr Flexible Schedule

    Work from home Full-time role

    [Remote] Cloud SRE / Senior Cloud Engineer

    Work from home Full-time role

    Technical Marketing Intern

    Work from home Full-time role

    Remote Data Entry Specialist – Accurate Digital Transcription, Database Management & Spreadsheet Optimization (Work‑From‑Home)

    Work from home Full-time role

    Multilingual Voice Actor, New Grad (Remote)

    Work from home Full-time role

    [Remote] Key Account Manager - Central

    Work from home Full-time role

    HR Operations Manager (f/m/d) - Part Time - Fully Remote

    Work from home Full-time role