UST
Website:
ust.com
Job details:
Role Description
We are seeking a
mid‑level Snowflake Cloud Security & Vulnerability Engineer to support the ongoing security, monitoring, and remediation of vulnerabilities across our Snowflake cloud data platform. The role is hands‑on and operational, focusing on execution, continuous monitoring, and collaboration with platform and data engineering teams to maintain a secure, compliant analytics environment.
The successful candidate will have
solid Snowflake and SQL experience, a good understanding of cloud security fundamentals, and practical experience remediating security issues rather than only identifying them.
Key Responsibilities
Vulnerability Monitoring & Security Operations
- Monitor Snowflake environments for security vulnerabilities, misconfigurations, and policy drift.
- Review access controls, roles, privileges, and data permissions using Snowflake metadata and system views.
- Investigate security s, findings from vulnerability scanners, and CSPM tools relevant to Snowflake.
- Maintain accurate records of vulnerabilities, remediation actions, and risk acceptance where required.
Remediation & Platform Hardening
- Remediate identified vulnerabilities by:
- Updating Snowflake RBAC and privilege models
- Correcting insecure configurations
- Reducing excessive permissions and unused roles
- Apply Snowflake security best practices, including least‑privilege access and secure object design.
- Validate remediation through testing and post‑change verification.
SQL & Data Security Engineering
- Use SQL extensively to:
- Audit access patterns, role usage, and privilege grants
- Analyse Snowflake ACCOUNT_USAGE and INFORMATION_SCHEMA views
- Create security reports and monitoring queries
- Support implementation and maintenance of:
- Secure views
- Row access policies
- Dynamic data masking
- Work with data engineers to ensure secure SQL coding and data access patterns.
Security Tooling & Automation
- Support integration between Snowflake and security platforms (e.g. SIEM, CSPM).
- Develop and maintain basic automation or scripts for security validation and reporting.
- Contribute to creating dashboards and metrics tracking security posture and remediation progress.
Governance, Compliance & Documentation
- Support compliance activities related to ISO 27001, SOC 2, GDPR, or internal security standards.
- Maintain clear documentation, runbooks, and operational procedures for Snowflake security.
- Assist with audit preparation by providing evidence and technical explanations.
Collaboration & Continuous Improvement
- Work closely with data engineering, cloud, and security teams on security improvements.
- Raise security risks clearly and propose practical remediation actions.
- Stay current with Snowflake security features and evolving cloud security threats.
Core Experience
Required Skills & Experience
- 2–5 years’ experience in a cloud security, data platform, or security engineering role.
- Hands‑on experience administering and securing Snowflake environments.
- Strong, practical SQL skills with the ability to write complex queries for analysis and auditing.
- Experience remediating security findings rather than only identifying issues.
Snowflake Security Knowledge
- Understanding of Snowflake:
- Role‑Based Access Control (RBAC)
- Databases, schemas, warehouses, and grants
- Secure views, data masking, and row access policies
- Experience reviewing and tightening permissions using least‑privilege principles.
- Familiarity with Snowflake metadata, ACCOUNT_USAGE, and security monitoring views.
Cloud & Security Fundamentals
- Experience with at least one major cloud provider (AWS, Azure, or GCP).
- Understanding of cloud identity, networking, and security concepts.
- Awareness of common cloud security risks and mitigation approaches.
Vulnerability Management
- Experience working with vulnerability findings from scanners or CSPM tools.
- Ability to assess risk, prioritise remediation, and implement fixes.
- Familiarity with security best practices and baseline standards.
Automation & Scripting
- Basic to intermediate scripting skills (Python, Bash, or similar).
- Experience automating reporting, validation, or configuration checks is desirable.
Desirable / Nice to Have
- Snowflake certifications (SnowPro Core or above).
- Experience with SIEM tooling (e.g. Splunk, Microsoft Sentinel).
- Familiarity with data privacy controls and sensitive data handling.
- Exposure to infrastructure‑as‑code (e.g. Terraform).
Key Attributes
- Hands‑on, delivery‑focused mindset.
- Comfortable working from defined security standards and guidance.
- Strong attention to detail with a methodical approach.
- Able to communicate technical findings clearly to peers and stakeholders.
Skills
snowflake,sql,python,cloud computing,
Click on Apply to know more.