# Security Engineer - Threat Detection
**Company:** [Snowflake](https://hotfix.jobs/companies/snowflake)
**Location:** Remote
**Salary:** $122K-$175K
**Skills:** Python, Go, SQL, Terraform, CloudFormation, AWS, Azure, GCP, CI/CD, Infrastructure As Code, Detections As Code, AI/ML, Kubernetes
**Posted:** 2026-05-06
> Builds and deploys AI-assisted threat detections, automates security workflows, and improves detection quality using modern engineering practices at cloud scale. Requires security expertise, coding proficiency in Python/Go/SQL, cloud experience, and automation mindset.
## Job Description
## What You Will Do
- Develop and deploy detections using modern engineering practices (testing/validation, CI/CD pipelines, detections as code, detection development lifecycle, etc.), including both rules-based and AI-assisted detections.
- Mature our threat detection program by analyzing gaps and mitigating risks via detective controls, including experimentation with AI/ML approaches where they improve signal-to-noise ratio or analyst efficiency.
- Build and maintain strong partnerships with our stakeholders to provide detection as a service, including self-service patterns, reusable components, and AI-enhanced detections that support their domains.
- Continuously measure and improve detection quality (coverage, precision/recall, false positive rate, latency).

## What You Need
**Security Engineering Experience**
- Threat Detection, Incident Response, Threat Hunting, Product Security, Corporate Security, or other related disciplines.

**Technical Skills**
- Solid experience writing code (Python, Go, etc.), with a desire to apply it to AI/ML-powered use cases in detection and response.
- Experience collaborating with various security teams and stakeholders.
- Ability to review and analyze logging and observability requirements that support detection and response.
- Risk-based approach to security to prioritize key initiatives and determine AI value over traditional rules/heuristics.
- Knowledge of current security landscape: cloud security, identity and access, SaaS security, endpoint security, data security, insider risk.
- Automation-first mindset: CI/CD, infrastructure as code, detections as code.

## Minimum Qualifications
- Experience with development in a high-level programming language (Go, Python, etc.), applied to data-heavy, automation, or AI-related projects.
- Experience handling data programmatically (SQL, Python, etc.), including large-scale log and telemetry datasets.
- Experience writing production code including unit tests, version control, and CI/CD integration.
- Experience with at least one major cloud provider (AWS, Azure, GCP) and its logging, monitoring, and security services.
- Familiarity with SaaS and workstation risks (account compromise, data exfiltration, phishing, supply chain attacks).

## Preferred Qualifications
- Computer Science degree or equivalent.
- Infrastructure as code (Terraform, CloudFormation), detections as code frameworks.
- Production-level software for high-volume data streams (logging, metrics, traces) or security analytics.
- Deploying detections at global scale.
- Experience with Snowflake or equivalent cloud data platforms, data pipelines, security workloads.
**Apply:** https://hotfix.jobs/jobs/security-engineer-threat-detection-at-snowflake-43718920-68b7-4e4a-8adf-20703e2271c3