Global Security Compliance & Risk Analyst

See more jobs from Snowflake Inc.

3 months old

This job is no longer active

Build the future of data. Join the Snowflake team.

Snowflake is seeking a Senior Security Compliance Analyst to join our Global Security Compliance & Risk team and help drive compliance across Product Engineering and Corporate Engineering.

The Sr. Security Compliance Analyst will be a critical and high-impact individual contributor who would maintain and scale Snowflake’s User Access Review program and guide control owners to follow security and compliance best practices along with monitoring effectiveness of the controls. This role will report to the Security Compliance Manager within the Security and IT organizations. 

JOB RESPONSIBILITIES:

  • Manage and scale Snowflake’s User Access Review (UAR) program
  • On a quarterly basis, ensure that all participating systems in the UAR program are prepared for review (coordinating with UAR Automation platform team to ensure the necessary data is loaded), configure and launch the campaigns in scope for that quarter, plan and conduct training for reviewers, manage communications to the participants and ensure closure and documentation of the end state for each participating system
  • Identify and engage with participating system partners across the company to ensure readiness and engagement for regular UARs
  • Produce and maintain data reporting, analysis, dashboards, and scorecards in support of overall UAR program health, execution, and closure documentation
  • Gather feedback from all participants and reviewers to improve the UAR process and enhance Snowflake’s home-grown UAR automation platform. Manage training sessions for reviewers and participants during the execution of a review cycle
  • Collaborate closely with internal stakeholders to ensure compliance across various systems as well as interact with auditors to provide audit assurance. 
  • Work closely with system partners to document system-based RBAC documentation and review access provisioning processes against the RBAC in order to identify areas of improvement or enhanced control monitoring with the objective of reducing security risk.

QUALIFICATIONS :

  • 3-5 years of related work experience in Information Security Governance, Risk and Compliance (GRC) or relevant Compliance roles in the tech industry. Big 4 consulting experience is a plus.
  • Prior experience assessing or auditing cloud environments (AWS, Azure, and GCP), performing compliance assessments , conducting risk assessments and / or driving audits like SOX,ISO, SOC, PCI DSS
  • Ability to multitask and manage simultaneous projects
  • Ability to organize, conduct and drive meetings and outcomes independently.  Must be aware of and deliver quality stakeholder engagement experience in a fast-paced, innovative environment
  • Strong analytical, communication (verbal and written), and project management skills
  • Ability to learn, understand, and work with new emerging technologies, methodologies, and solutions in the Cloud/IT technology space.
  • Certification preferred in one or more of the following: CISA, CISSP, CISM, Cloud platforms such as AWS, Azure or GCP

Every Snowflake employee is expected to follow the company’s confidentiality and security standards for handling sensitive data. Snowflake employees must abide by the company’s data security plan as an essential part of their duties. It is every employee's duty to keep customer information secure and confidential.