Security Triage Analyst

As a Security Triage Analyst at Snowflake, you will be part of a global team and have the opportunity to learn from the industry's best-in-class experts. You will serve as the front-line of the Incident Response Team, where your responsibilities include determining the scope and impact of security alerts without breaching SLAs. This involves monitoring multiple alerting systems for both corporate IT and production environments. You will triage security alerts, take remediation actions, or escalate validated threats as necessary. By being part of this role, you will have the chance to hone your technical and analytical skills while gaining invaluable experience. Additionally, you will follow and contribute to incident response playbooks and runbooks. Our ideal Security Triage Analyst will possess a Bachelor's or Master's degree in Information Security or an equivalent discipline. They should have at least 2 years of experience on a Global SOC, Incident Response Team, or in a similar role. The candidate should be able to work from 5:00 AM to 2:00 PM IST, five days a week, on one of two shifts: Shift A (Sunday through Thursday) or Shift B (Tuesday through Saturday). Experience in analyzing emails for phishing, email header analysis, URL analysis, basic dynamic and static file analysis, and basic knowledge of SQL are required. The candidate should also have a fundamental understanding of cloud computing and infrastructure, including knowledge of virtual machines, web servers, load balancers, reverse proxies, firewalls, etc. Strong knowledge of networking basics such as TCP/IP, HTTP, DNS, subnetting, VLAN, NAT, and basic network and system forensic principles is essential. Experience with the Linux Command Line Interface, ability to analyze logs, and identify abnormal patterns is required. Basic understanding of containerization, object-oriented programming, and excellent communication skills are also necessary. Bonus points will be given for candidates with prior experience using Snowflake, Python programming, regular expressions, knowledge of APIs, experience working with low-code/no-code automation or SOAR platforms, and exposure to security assessment/design review and threat modeling. Certification in cloud platforms, familiarity with JIRA, ServiceNow, or other case management tools, and the ability to communicate investigative findings to technical staff are advantageous. Snowflake is experiencing rapid growth, and the team is expanding to support and accelerate this growth. We are looking for individuals who share our values, challenge conventional thinking, drive innovation, and contribute to building a future for themselves and Snowflake. For more details regarding the job location, salary, and benefits information for positions in the United States, please visit the Snowflake Careers Site at careers.snowflake.com.,