phData

phData

phData specializes in providing comprehensive data engineering, data strategy, and machine learning services, offering end-to-end managed data solutions that facilitate data migrations, integrations, and the development of modern data products and appl...

IT Services
251-1K

Description

  • Lead the architecture, hardening, and continuous security improvement of enterprise Snowflake platforms in complex client environments.
  • Translate business, security, and technical requirements into operating models, roadmaps, and engineering work.
  • Design and lead proactive monitoring, alerting, and threat detection using Snowflake audit and telemetry data.
  • Investigate, identify, and remediate risk through threat modeling and attack-path analysis across access, identity, network, and data protection controls.
  • Guide architectural and operational decisions across governance, authentication, privileged access, network security, and data protection.
  • Serve as a trusted advisor to client stakeholders, internal engineers, and partner teams on platform risks and remediation plans.
  • Create automation, runbooks, accelerators, and best practices to improve managed services quality and scalability.
  • Lead cross-functional teams and mentor engineers to mature secure managed services delivery.

Requirements

  • 15+ years of experience in cloud and data infrastructure, including significant experience in security engineering, platform security, or security operations.
  • Significant production experience with Snowflake, including platform architecture, administration, security design, and operational governance.
  • Deep expertise in Snowflake security controls, including RBAC, managed access, secure data sharing, account guardrails, privileged access, governance patterns, masking, and row- or column-level access.
  • Hands-on experience with Snowflake audit and telemetry data such as ACCOUNT_USAGE views including ACCESS_HISTORY, QUERY_HISTORY, LOGIN_HISTORY, and POLICY_EVENTS.
  • Experience integrating Snowflake and security logs into SIEM or similar platforms such as Splunk, Microsoft Sentinel, CrowdStrike, or Datadog.
  • Strong technical depth across network, identity, authentication, secrets management, and service account lifecycle controls, including PrivateLink, MFA, SSO/SAML, OAuth token scoping, key pair authentication, and credential rotation.
  • Hands-on experience with secrets managers such as AWS Secrets Manager, HashiCorp Vault, or Azure Key Vault.
  • Strong working experience with SQL, Infrastructure as Code, Python automation, and CI/CD.
  • Experience delivering managed services or consulting engagements in complex enterprise environments.
  • Bachelor’s degree in Computer Science, Engineering, or a related field, or equivalent practical experience.
  • Snowflake certifications, including SnowPro Core and one or more advanced certifications, preferred.
  • Security certifications such as CISSP, CEH, AWS Security Specialty, or equivalent, preferred.
  • Prior experience in regulated industries such as life sciences, healthcare, or financial services, especially with SOC 2, HIPAA, or PCI-DSS requirements, preferred.
  • Experience supporting multiple customer accounts and distributed global teams in a managed services environment, preferred.
  • Contributions to technical communities through writing, speaking, internal accelerators, or reusable security assets, preferred.

Benefits

  • Remote-first work environment.
  • 401(k) plan with company match.
  • Dental and vision insurance.
  • Home office equipment stipend.
  • Annual learning and development stipend.
  • Competitive compensation, excellent benefits, 4 weeks of PTO, 10 holidays, and additional perks.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Data Protection Engineer

Assyst Tecnologia 1-10 Wireless Telecommunication Services

ASSYST is hiring a remote Data Protection Engineer in Baltimore, Maryland to protect sensitive enterprise data by defining policies, monitoring exposure, and preventing data loss across the organization.

Cybersecurity HIPAA
10 hours, 56 minutes ago

Senior AI Security Engineer

Appian 1K-5K Internet Software & Services

Appian is seeking a software engineer to build autonomous AI agents and LLM-powered security workflows for enterprise threat detection, triage, and analyst escalation.

AWS Azure CrowdStrike GCP Kubernetes LLM Python REST API SIEM Splunk
10 hours, 56 minutes ago

Staff Security Engineer, Proactive Security

DoorDash 10K-50K Air Freight & Logistics

DoorDash is seeking a Staff Security Engineer to lead product and cloud security efforts for its global delivery platform, focusing on securing services, reducing vulnerabilities, and improving operational resilience across its marketplace infrastructure.

AWS GCP Go LLM Python Terraform
11 hours, 26 minutes ago

DevSecOps Engineer

Flexion 51-250 Internet Software & Services

Flexion is hiring a remote DevSecOps Engineer to support an enterprise application development project focused on accelerating trusted AI adoption across government.

Agile Astro AWS CI/CD DevSecOps Docker FastAPI GitHub Actions Helm Jenkins Kubernetes OpenID Connect Python SAML SvelteKit Terraform TypeScript
11 hours, 26 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers