Sr. Security & Compliance Specialist

This job is no longer active

Build the future of data. Join the Snowflake team.

Snowflake is growing fast and we’re scaling our team to help enable and accelerate our growth. We’re passionate about our people, our customers, our values and our culture! We’re also looking for people with a growth mindset and the pragmatic insight to solve for today while building for the future. Snowflake started with a clear vision: make modern data warehousing effective, affordable, and accessible to all data users. Because traditional on-premises and cloud solutions struggle with this, Snowflake developed an innovative product with a new built-for-the-cloud architecture that combines the power of data warehousing, the flexibility of big data platforms, and the elasticity of the cloud at a fraction of the cost of traditional solutions. Since Snowflake handles a wide variety of data for its customers, Snowflake has implemented a disciplined and strategic data protection program. 

As a Sr. Security & Compliance Specialist, you will work across functional teams including Snowflake Engineering, Security, IT, HR, Legal, and Internal Audit to ensure product security control requirements are implemented and monitored to satisfy GxP, ISO 9001, PCI, SOC1, SOC2, HITRUST, ISO 27001, ISO 27017, ISO 27018, Cyber Essentials Plus, C5, GDPR, etc., as well as European, Asian, and other regional compliance frameworks.

The Sr. Security & Compliance Specialist is an extremely high visibility, external-facing leader within the Snowflake Security team, responsible for the following primary objectives:

  • Support Snowflake’s security compliance programs, regulated workload enablement, and regional audits. 
  • Manage and operate the quality management program and ensure compliance with the quality management information system. 
  • Partner with the cross-functional teams to represent Snowflake’s Trust programs (Security / Compliance) to customers, regulators, and assessors globally.
  • Coordinate and support customer audits in support of customer compliance objectives.
  • Drive regulatory engagement and enablement for industry- and region-specific programs.

TASKS AND RESPONSIBILITIES:

  • Review and determine applicability of requirements of regulatory compliance frameworks
  • Engage directly with customers, regulators, and auditors to manage on-site customer and compliance audits, conference calls, and / or in-person meetings
  • Own regional compliance programs and other compliance offerings in collaboration with global compliance team members 
  • Coordinate with global and cross-functional teams to provide assessors and customers with meaningful updates on features and programs 
  • Validate on-going compliance of policies and procedures in support of regulatory requirements and work with our internal teams to improve policy and procedure documentation
  • Follow up with internal stakeholders to ensure completion of compliance-related tasks and controls
  • Define technical specifications, write high-level documents, and translate regulatory and compliance requirements into concrete product requirements

OUR IDEAL SR. SECURITY & COMPLIANCE SPECIALIST MUST HAVE:

  • Experience with GxP and ISO 9001 compliance and a background and / or experience in the life sciences and healthcare industry
  • Experience managing a quality management program and ensuring compliance with the quality management information system (to be compliant with ISO 9001)
  • Experience leading compliance and / or security audits and an understanding of how to support an audit end to end
  • Technical competence and cloud computing experience to sufficiently understand and explain complicated security concepts
  • Technical understanding of AWS, Azure, and GCP cloud platforms, including how components and services are used and secured 
  • Familiarity and experience with the following standards: GxP, ISO 9001, PCI, SOC1, SOC2, HITRUST, ISO 27001, C5, GDPR, etc.
  • Project or program management experience, exceptional organizational skills, and an extremely detail-oriented approach
  • Extremely high ethical standards as proven by successful background checks and references
  • Achievements that demonstrate exceptional written and verbal communication skills and experience working with executive level contacts
  • Previous experience working with a variety of personalities from a variety of cultures and backgrounds
  • CISA, CISSP or similar certification.

Every Snowflake employee is expected to follow the company’s confidentiality and security standards for handling sensitive data. Snowflake employees must abide by the company’s data security plan as an essential part of their duties. It is every employee's duty to keep customer information secure and confidential.