Senior Penetration Tester
Posted on 2/6/2024
Snowflake

5,001-10,000 employees

Data warehouse for the cloud
Company Overview
Snowflake has become a global force to help mobilize the world’s data. Snowflake enables thousands of organizations to have seamless access to explore, share, and unlock the true value of their data.
Data & Analytics

Company Stage

N/A

Total Funding

$2.5B

Founded

2012

Headquarters

,

Growth & Insights
Headcount

6 month growth

6%

1 year growth

18%

2 year growth

83%
Locations
San Mateo, CA, USA
Experience Level
Entry
Junior
Mid
Senior
Expert
Desired Skills
Kubernetes
Microsoft Azure
Python
JavaScript
Java
AWS
REST APIs
Google Cloud Platform
CategoriesNew
DevOps & Infrastructure
Software Engineering
Requirements
  • 5+ years experience pen testing services deployed in public cloud infrastructure
  • Solid understanding of modern cloud technology components and deployment patterns: virtual machines, containers, Kubernetes, serverless, infrastructure as code, etc.
  • Expert understanding of software security architecture and design, threat modeling, code review, and mitigations for common application security issues
  • Knowledge of web and security protocols: HTTP, REST, CSP, CORS, OAuth
  • Deep familiarity with current offensive security practices, bug bounty programs, CTFs, fuzzing, and other pen test tools and techniques
  • Demonstrated ability to collaborate with other teams to achieve complex objectives
Responsibilities
  • Perform penetration testing engagements against a diverse cloud environment and find vulnerabilities in software, systems, and networks
  • Develop tools, methodologies and infrastructure to support penetration testing engagements in a variety of cloud environments and novel platforms
  • Set scope, objectives, and timelines for penetration testing engagements and leverage data to create useful metrics
  • Work with security and engineering teams to communicate findings, recommendations, and knowledge to key stakeholders
  • Play a leadership role in building an App Sec program that has a wide scope and impact
Desired Qualifications
  • 7+ years experience working in an information security discipline
  • Ability to find and exploit bugs in: C++, Java, JavaScript, Go, and Python; Kubernetes, AWS, GCP, or Azure; Memory management, namespaces, cgroups, etc.
  • Prior experience working in a high growth, cloud native technology company
  • Fluency in one or more programming or scripting languages: Java, Python, C++, Go
  • Have read and are capable of implementing ideas from “Site Reliability Engineering”, “Building Secure & Reliable Systems”, or “Engineering Trustworthy Systems”
  • Contributions to the security community, such as open source tools, research papers, conference talks, etc.