Security Triage Analyst

Snowflake is about empowering enterprises to achieve their full potential u2014 and people too. With a culture that's all in on impact, innovation, and collaboration, Snowflake is the sweet spot for building big, moving fast, and taking technology u2014 and careers u2014 to the next level.

AS A SECURITY TRIAGE ANALYST AT SNOWFLAKE, YOU WILL :

Be part of a global team and learn from the industry's best-in-class experts.

Serve as the front-line of our Incident Response Team.

Determine scope and impact. Without breaching SLAs, from an array of multiple alerting systems monitoring both corporate IT and production environments

Triage security alerts and take remediation or escalate validated threats.

Hone your technical and analytical skills while gaining invaluable experience.

Follow and contribute to incident response playbooks and runbooks.

OUR IDEAL SECURITY TRIAGE ANALYST WILL HAVE :

Bachelor's or Master's degree in Information Security or equivalent discipline.

2+ years on a Global SOC, Incident Response Team, or in a similar role.

Ability to work 5 : 00 AM to 2 : 00 PM IST (5 days a week) on one of two shifts :

Shift A : Sunday through Thursday

Shift B : Tuesday through Saturday

Experience analyzing emails and determining if they are Phishing.

Email header analysis.

URL analysis.

Basic Dynamic & Static file analysis.

Basic knowledge of SQL.

Ability to read and write SQL queries and operate across multiple tables.

Knowledge to modify existing SQL queries to solve new problems.

Basic knowledge of Cloud Computing & Infrastructure. Examples include :

Knowledge of : Virtual Machines, Web Servers, Load Balancers, Reverse Proxies, Firewalls, etc.

Can explain the benefits of serverless computing (e.g., AWS Lambda).

Basic experience with one or more of the top three cloud providers (AWS, Azure, GCP).

Strong understanding of networking basics (TCP / IP, HTTP, DNS, Subnetting, VLAN, NAT) and basic network and system forensic principles.

Ability to analyze logs (Windows, Linux, cloud services) and identify abnormal patterns.

Experience with the Linux CLI. Examples include :

Ability to navigate the OS & execute basic commands.

Interact with files and directories (e.g. create, read, update, delete).

Interact and navigate logs files (e.g. cat, less, head, more, tail, grep, awk, sed)

Know important files & directories (e.g. / etc / shadow, / var / log / , etc.).

Understand user & file permissions.

Basic understanding of Containerization. Examples include :

Experience running a Dockerized application in the cloud or locally.

Ability to explain benefits and drawbacks of containerization.

Proven understanding of fundamentals of object oriented programming.

Excellent communication skills both verbal and written.

Self-starter with a mindset of ownership and curiosity.

BONUS POINTS FOR EXPERIENCE WITH THE FOLLOWING :

Prior experience using Snowflake.

Python Programming.

Regular Expressions.

Knowledge and use of APIs.

Experience working with a low-code / no-code automation or SOAR platform.

Prior experience or working understanding / experience with security assessment / design review, and threat modeling

Knowledge of Industry Standard Security Frameworks / Processes

MITRE ATT&CKu00AE

NIST / SANS Incident Response

Cyber Kill Chainu00AE

Basic understanding of Infrastructure as Code (IaC).

Certification in cloud platforms.

Exposure to JIRA, Servicenow or other case management tools.

Ability to communicate investigative / triage findings and action items to technical staff.

Demonstrated experience in security competitions. Eg CTF, TryHackMe, or Hack the Box

Snowflake is growing fast, and we're scaling our team to help enable and accelerate our growth. We are looking for people who share our values, challenge ordinary thinking, and push the pace of innovation while building a future for themselves and Snowflake.

How do you want to make your impact

For jobs located in the United States, please visit the job posting on the Snowflake Careers Site for salary and benefits information :

Skills Required

regular expressions, Sql, Incident Response, Networking Basics, Python Programming, containerization , Apis, Object Oriented Programming