Senior Security DevOps Engineer

Where Data Does More. Join the Snowflake team.

We are seeking a seasoned Senior Security DevOps Engineer with deep expertise in DevSecOps principles, observability, and infrastructure automation. The ideal candidate will have extensive experience with Terraform, Public Cloud like - AWS etc., Docker, Kubernetes, Python / Golang (or any scripting language ), SQL, and CI/CD pipelines. This role is a Senior IC role, driving security and operational excellence through a focus on metrics, logs, and traces, as well as proactive vulnerability and posture management.

The Security Platform Engineering team (SPE) team at Snowflake is a part of Security org in Snowflake and is a team of innovators, crafting custom solutions to protect our Data Cloud. We're responsible for providing engineering and infrastructure services, building solutions, and fostering communities of practice that empower the Snowflake security community. Our mission is to deliver the most secure Data Cloud to our customers and safeguard our organization's systems and data.

As a Senior Security DevOps Engineer at Snowflake, you will:

Advanced Infrastructure Expertise: Lead the design, implementation, and management of scalable, reliable, and secure infrastructure as code using Terraform in a multi-account AWS public cloud environment. Mentor junior engineers on best practices for security, performance, and cost optimization.

Observability and Monitoring Platform Leadership: Architect, implement, and maintain a robust, end-to-end observability platform. This includes designing and managing solutions for metrics (Prometheus, Grafana), logs (ELK stack, Splunk), and traces (Jaeger, OpenTelemetry). You will be responsible for ensuring we have comprehensive visibility into our systems' security, performance, and reliability.

Vulnerability Management and Remediation: Design and implement a comprehensive vulnerability management program for our cloud infrastructure and applications. Integrate vulnerability scanning tools into the CI/CD pipeline, analyze results, and drive the remediation of security flaws in collaboration with development and security teams.

Cloud Security Posture Management (CSPM): Lead the implementation and management of CSPM tools to continuously monitor and enforce security best practices across our AWS environments. Develop automation to identify and remediate misconfigurations, ensuring compliance with security policies and industry standards.

Static and Dynamic Application Security Testing (SAST/DAST): Integrate SAST and DAST tools into our development lifecycle to automatically detect security vulnerabilities in our code and running applications. You will be responsible for configuring these tools, triaging findings, and working with engineering teams to fix security bugs early in the development process.

Container and Orchestration Strategy: Drive advanced containerization strategies with Docker and orchestration with Kubernetes, focusing on secure deployment patterns, service mesh, and fine-grained access control. Optimize container security, performance, and resource utilization at scale.

CI/CD Pipeline Architecture: Architect and manage sophisticated, automated CI/CD pipelines that integrate security tools and checks at every stage. Champion a "shift-left" security approach by embedding automated testing and validation into the development lifecycle.

Scripting, Automation, and Tooling: Utilize expert-level Python and shell scripting skills to automate complex tasks, build custom tools, and create solutions that enhance security, operational efficiency, and developer workflows.

Innovation and Threat Research: Proactively research the latest developments in Devops security, observability, and emerging threats. Propose and implement strategic initiatives to continuously strengthen our security posture and operational excellence.

Cross-functional Collaboration: Partner with security, development, and operations teams to design and implement scalable, automated solutions that enhance the efficiency and security of our systems and applications. Promote best practices and security standards across the organization.

Our Ideal Senior Security DevOps Engineer will have:

Bachelor's degree in Computer Science, Information Security, or a related field.

5+ years of hands-on experience with DevSecOps principles, Terraform, AWS, Docker, Kubernetes, Python/ Go, SQL, and CI/CD tools.

Extensive experience in designing and implementing vulnerability management, CSPM, SAST, and DAST programs.

Proven expertise in designing and implementing observability solutions with metrics, logging, and tracing platforms such as Prometheus, Grafana, ELK stack (Elasticsearch, Logstash, Kibana), and OpenTelemetry.

Advanced knowledge of container security, service mesh technologies, and Kubernetes administration.

Good experience with database management and data ingestion on Snowflake or similar data warehousing platforms.

Deep understanding of security principles, industry best practices, and emerging technologies, with the ability to apply these concepts to design secure, scalable, and observable infrastructure.

Exceptional communication, collaboration, and problem-solving skills. The ability to articulate complex technical concepts to diverse stakeholders and mentor other engineers is essential.

A proven track record of continuous learning and staying current with the latest trends in security, DevOps, and observability.

Good to have - Cloud certifications : AWS Devops, AWS CSA etc.

Snowflake is growing fast, and we’re scaling our team to help enable and accelerate our growth. We are looking for people who share our values, challenge ordinary thinking, and push the pace of innovation while building a future for themselves and Snowflake.