Snowflake SR SECURITY & COMPLIANCE SPECIALIST 

United States, California 

956521878

As a Sr. Security & Compliance Specialist, you will work across functional teams including Snowflake Engineering, Security, IT, HR, Legal, and Internal Audit to ensure product security control requirements are implemented and monitored to satisfy GxP, ISO 9001, PCI, SOC1, SOC2, HITRUST, ISO 27001, ISO 27017, ISO 27018, Cyber Essentials Plus, C5, GDPR etc. as well as European, Asian, and other regional compliance frameworks.

The Sr. Security & Compliance Specialist is an extremely high visibility, external-facing leader within the Snowflake Security team, responsible for the following primary objectives:

• Support Snowflake’s security compliance programs, regulated workload enablement, and regional audits.
• Manage and operate the quality management program and ensure compliance with the quality management information system.
• Partner with the cross functional teams to represent Snowflake’s Trust programs (Security / Compliance) to customers, regulators, and assessors globally.
• Coordinate and support customer audits in support of customer compliance objectives.
• Drive regulatory engagement and enablement for industry and region specific programs.

• Review and determine applicability of requirements of regulatory compliance frameworks
• Engage directly with customers, regulators, and auditors to manage on-site customer and compliance audits, conference calls, and / or in-person meetings
• Own regional compliance programs and other compliance offerings in collaboration with global compliance team members
• Coordinate with global and cross-functional teams to provide assessors and customers with meaningful updates on features and programs
• Validate on-going compliance of policies and procedures in support of regulatory requirements and work with our internal teams to improve policy and procedure documentation
• Follow up with internal stakeholders to ensure completion of compliance-related tasks and controls
• Understanding and ability to define technical specifications, write high-level documents, and interpret regulatory and compliance requirements into concrete product requirements.

• Experience with GxP and ISO 9001 compliance and a background and / or experience in the life sciences and healthcare industry
• Experience managing a quality management program and ensuring compliance with the quality management information system (to be compliant with ISO 9001)
• Led compliance and / security audits in the past and understands how to support an audit end to end
• Technical competence and cloud computing experience to sufficiently understand and explain complicated security concepts
• Technical understanding of AWS, Azure, and GCP cloud platforms, including how components and services are used and secured
• Familiarity and experience with the following standards: GxP, ISO 9001, PCI, SOC1, SOC2, HITRUST, ISO 27001, C5, GDPR etc.
• Project or program management experience and exceptional organizational skills and is extremely detailed oriented
• Extremely high ethical standards as proven by successful background checks and references
• Achievements that demonstrate exceptional written and verbal communication skills and experience working with executive level contacts
• Previous experience working with a variety of personalities from a variety of cultures and backgrounds
• CISA, CISSP or similar certification.