ForgeApply · Job listing
Principal Security Engineer - Threat Intelligence
Snowflake
Apply in about a minute — without sacrificing quality.
ForgeApply autofills this application and tailors your resume to this exact posting. You review everything before it's sent. Free trial, no card required.
About this role
At Snowflake, we are powering the era of the agentic enterprise. To usher in this new era, we seek AI-native thinkers across every function who are energized by the opportunity to reinvent how they work. You don’t just use tools; you possess an innate curiosity, treating AI as a high-trust collaborator that is core to how you solve problems and accelerate your impact. We look for low-ego individuals who thrive in dynamic and fast-moving environments and move with an experimental mindset — who rapidly test emerging capabilities to discover simpler, more powerful ways to deliver results. At Snowflake, your role isn't just to execute a function, but to help redefine the future of how work gets done.
Snowflake has developed a world class cloud data platform that is effective, affordable and accessible to all data users.
As we continue to scale globally, we are investing in security capabilities that help us better understand, anticipate, and mitigate threats targeting Snowflake, our customers, and our ecosystem. We are looking for a Principal Security Engineer - Threat Intelligence who will help shape the next phase of Snowflake’s Threat Intelligence program and extend the reach and impact of Threat Intelligence across Snowflake. This role will combine deep intelligence expertise with strong engineering and program leadership skills, with AI and automation as core primitives in how we collect, analyze, prioritize, and operationalize intelligence.
The ideal candidate will help Snowflake leadership and security stakeholders make informed, risk-based, and data-driven decisions based on actionable threat intelligence. You will identify and track threat actors targeting cloud-native environments such as Snowflake, translate intelligence into concrete defensive outcomes, and build scalable approaches that improve how intelligence is delivered across the company.
This is a principal-level individual contributor role for someone who can operate strategically and technically: driving program maturity, building durable partnerships across Security and Engineering, and engineering AI-assisted workflows that help us move faster without sacrificing quality.
WHAT YOU NEED:
- Deep experience in threat intelligence, with strong background in several of: adversary intelligence, intrusion intelligence, supply-chain intelligence, identity intelligence, domain intelligence, and threat-informed defense.
- Strong understanding of today’s threat actor ecosystem, including nation-state actors, criminal organizations, ransomware groups, fraud ecosystems, and the platforms and communities that enable them.
- Demonstrated ability to operationalize threat intelligence and influence security priorities in partnership with detection, incident response, product security, cloud security, anti-abuse, and other stakeholders.
- Strong engineering skills, including experience writing code in high-level languages such as Python or Go, building automations, and working with data-heavy security workflows.
- Experience building or driving AI-assisted workflows for intelligence analysis, research triage, summarization, collection, prioritization, or investigative support, and good judgment about where AI adds value versus where human analysis is required.
- Ability to research threat actors’ TTPs, infrastructure, targets, and objectives, and map those risks to Snowflake’s product, enterprise, and customer environment.
- Experience with OSINT tools, data sources, investigative methodologies, and intelligence reporting for technical and executive audiences.
- Strong understanding of threat hunting and threat detection methodologies, and the ability to turn intelligence into hunts, detection opportunities, and control recommendations.
- A risk-based approach to security, with the ability to prioritize work based on business impact and evolving threat conditions.
- A humble, team-oriented mindset with a bias toward collaboration, execution, and raising the bar for the broader team.
WHAT YOU WILL DO:
- Help define and mature the strategy for Threat Intelligence at Snowflake, including where the program should invest in people, processes, engineering, and AI-enabled capabilities.
- Identify, profile, and track threat actors targeting Snowflake, our customers, partners, and ecosystem, and translate that intelligence into relevant, actionable outcomes.
- Operationalize threat intelligence to help prioritize security initiatives and drive action with the relevant security teams and stakeholders.
- Produce high-quality intelligence reports, assessments, briefs, and leadership-ready communications based on external events, internal requirements, and proactive research.
- Engineer solutions that improve the efficiency, scale, and impact of the Threat Intelligence program, including automations, collection pipelines, enrichment workflows, and analyst tooling.
- Build and improve AI-assisted intelligence workflows for tasks such as report triage, signal enrichment, summarization, vendor/customer monitoring, and threat-informed hunts, with strong measurement and quality..
- Partner closely with Threat Detection, Incident Response, and other security teams to convert intelligence into detections, threat hunts, investigative pivots, and control recommendations.
- Monitor alerts, intelligence feeds, vendor reporting, and external developments for threat events that may affect Snowflake.
- Drive standards for how intelligence is curated, evaluated, delivered, and measured so the program remains high-signal, timely, and scalable.
- Mentor other engineers and analysts by raising the team’s technical depth, analytic rigor, and operational maturity.
MINIMUM QUALIFICATIONS:
- Significant experience in threat intelligence, cyber threat research, intelligence engineering, or closely related security disciplines.
- Experience researching and tracking sophisticated threat actors targeting cloud-nativ
Ready to apply to Snowflake?
Apply in about a minuteSimilar jobs
- Security Engineer - Threat Intel — Anthropic · New York City, NY; Remote-Friendly (Travel-Required) | San Francisco, CA | Washington, DC; San Francisco, CA | New York City, NY
- Senior Threat Detection Engineer - Intelligence — Realtimeboardglobal · Austin, US
- Security Engineer 2 - Cyber Threat Intelligence — Datadog · New York, New York, USA
- Principal Security Engineer, Infrastructure Security — Openai · Remote
- Staff Security Engineer - SecOps & Threats — 6sense · Remote
- Principal Security Engineer — Candidhealth · San Francisco (CA), Denver (CO), New York (NY)
- Principal Security Engineer — Intersystems · Boston, MA
- Senior Research Engineer, Threat Intelligence — Securityscorecard · Remote
More like this: Security & Cybersecurity Jobs · Remote Security & Cybersecurity Jobs · Browse all jobs