Job Description
We are seeking an experienced Snowflake Security & Access Governance Architect to lead the design, implementation, and governance of enterprise-wide security controls within the Snowflake data platform. The ideal candidate will possess deep expertise in Snowflake security architecture, identity and access management, data protection, AI governance, network security, and compliance auditing. This role will be responsible for ensuring secure access to enterprise data assets while enabling advanced analytics and AI capabilities in a controlled and compliant manner.
Enterprise RBAC & Identity Lifecycle
Architect and maintain Snowflake's Role-Based Access Control (RBAC) hierarchy, integrating Single Sign-On (SSO), MFA, and SCIM-driven user provisioning to enforce strict least-privilege principles across all schemas, warehouses, and data assets.
Granular Data Masking & Protection
Configure and monitor Snowflake Horizon security features-including dynamic column-level masking, row-access policies, tag-based data classification, and customer-managed encryption keys (Tri-Secret Secure)-to safeguard sensitive enterprise datasets.
Cortex AI Access Governance
Manage access to GenAI capabilities by configuring built-in roles (CORTEX_USER, COPILOT_USER), enforcing granular per-function permissions (AI_COMPLETE, AI_CLASSIFY), and restricting Large Language Model (LLM) access via model-level RBAC and account-level allowlists.
Network Boundaries & Egress Control
Secure Snowflake network architecture by establishing and auditing Network Policies, implementing Private Link (AWS, Azure, or Google Cloud Platform) endpoints, and restricting egress traffic to ensure all analytical and AI workloads execute inside a private cloud boundary.
Security Auditing & Agent Monitoring
Oversee system observability and traceability by analyzing Snowflake Access History and Account Usage metadata to audit AI query patterns, track Cortex AI agent interactions, and surface non-human identity (NHI) access drift.