Security Risk and Compliance Auditor

San Mateo, CA
Security
Full-time
About Snowflake

Snowflake is growing fast and we’re scaling our team to help enable and accelerate our growth. We’re passionate about our people, our customers, our values and our culture! We’re also looking for people with a growth mindset and the pragmatic insight to solve for today while building for the future. And as a Snowflake employee, you will be accountable for supporting and enabling diversity and belonging.

Snowflake started with a clear vision: make modern data warehousing effective, affordable, and accessible to all data users. Because traditional on-premises and cloud solutions struggle with this, Snowflake developed an innovative product with a new built-for-the-cloud architecture that combines the power of data warehousing, the flexibility of big data platforms, and the elasticity of the cloud at a fraction of the cost of traditional solutions.

As a Security Risk and Compliance Auditor at Snowflake you will support efforts to secure the Snowflake Service and maintaining various industry standard security compliance controls and frameworks to protect customer data.

Roles and Responsibilities:

    • You will assist in evidence gathering and control monitoring of company regulatory and compliance audits
    • Respond to customer inquiries daily surrounding the company’s relevant security and compliance obligations and documentation
    • Assist with internal audit automation and monitoring
    • You thrive on handling a wide variety of responsibilities related to internal audit as well as education of stakeholders surrounding the company security and compliance obligations
    • Validate on-going compliance of policies and procedures in support of regulations
    • Work with our Security Team to improve policy and procedure documentation
    • Assist with external audit evidence collection
    • Follow up with staff members to ensure completion of security-related tasks
    • Interact with customers via email to help triage and satisfy security requests

Our ideal Security Risk and Compliance Analyst will have:

    • At least 2 years of relevant experience that demonstrates his or her ability to handle the assigned responsibilities
    • Ability to work during different time zones (PST, EST, etc.)
    • Experience with NIST 800-53
    • Hands-on technical audit experience in the areas of SOC2, PCI, HIPAA, SOX 404, FedRAMP, GDPR, and/or ISO 27001
    • Previous role that demonstrates technical aptitude and interest
    • Achievements that demonstrate candidate is extremely detail oriented
    • Proficiency with multiple spreadsheet tools
    • Achievements that demonstrate exceptional written and verbal communication skills
    • Previous role that requires exceptional organizational skills
    • Extremely high ethical standards as proven by successful background checks and references
    • Previous experience working with a variety of personalities from a variety of cultures

Bonus points for experience with the following:

    • SQL query experience
    • AWS, Azure, Google Cloud, or other major Cloud Provider experience
    • Big 4 experience a plus
    • Hands-on Salesforce Cases experience
    • Project or program management experience
    • Experience with a Software as a Service / Cloud solution
    • CISA or CISSP

Snowflake is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, color, gender identity or expression, marital status, national origin, disability, protected veteran status, race, religion, pregnancy, sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances.