Security Engineer – Threat Detection

This is a fully remote position, open to applicants in United States.

📋 Description

• Create and implement detections utilizing contemporary engineering methodologies (such as testing/validation, CI/CD pipelines, detections as code, and the detection development lifecycle), incorporating both rules-based and AI-supported detections.

• Enhance our threat detection initiative by identifying gaps and addressing risks through detective controls, including experimentation with AI/ML techniques that improve the signal-to-noise ratio or increase analyst efficiency.

• Establish and sustain robust partnerships with our stakeholders to deliver detection as a service, featuring self-service patterns, reusable components, and AI-augmented detections tailored to their specific domains.

• Continuously assess and enhance detection quality (coverage, precision/recall, false positive rate, latency).

⛳️ Requirements

• Experience in Security Engineering (including Threat Detection, Incident Response, Threat Hunting, Product Security, Corporate Security, or related fields).

• Proficient coding skills (in languages such as Python, Go, etc.), with an eagerness to apply these abilities to AI/ML-driven use cases in detection and response.

• Proven experience collaborating with various security teams and stakeholders.

• Capability to review and assess logging and observability requirements that facilitate detection and response.

• A risk-oriented approach to security that aids in prioritizing essential security initiatives and evaluating when AI delivers significant advantages over traditional rules and heuristics.

• Understanding of the current security landscape with expertise in several areas, including cloud security, identity and access management, SaaS security, endpoint security, data security, and insider risk.

• An automation-first mindset for scaling security efforts, with familiarity in CI/CD, infrastructure as code, and “detections as code.”

• A humble, team-focused engineer who values team success in a collaborative, zero-ego environment.

• Experience in developing with a high-level programming language (such as Go, Python, etc.).

• Proficient in handling data programmatically (using SQL, Python, etc.).

• Background in writing production-level code, including unit tests, version control, and CI/CD integration.

• Familiarity with at least one major cloud provider (AWS, Azure, GCP) along with an understanding of its native logging, monitoring, and security services.

• Awareness of the risks affecting SaaS products and workstations.

🏝️ Benefits

• We are dedicated to advancing security in the agentic era, rejecting the status quo.

• There is a strong demand from our customers and solid backing from the business for security, providing us both the mandate and the means to invest in next-generation, AI-driven detection and response capabilities.

• We have a fantastic team with diverse backgrounds and skills, and we are eager to welcome engineers who are enthusiastic about pushing the boundaries of AI in security.

• Join a team tackling Security Threat Detection on a global scale, utilizing Snowflake’s own data platform and AI capabilities to develop detections and workflows that significantly elevate the standards for defenders.