We are building the next generation of cloud security infrastructure, focusing on advanced Data Exfiltration Protection (DXP) and unified Data Movement Policies (DMP). Our mission is to provide seamless, context-aware security that protects sensitive data without hindering developer velocity. We are looking for a visionary Principal Engineer to lead the technical strategy and architecture for our Data Movement and Perimeter control systems.

Role Summary

As a Principal Engineer in the Data Protection group, you will be the technical lead for the Data Exfiltration Protection (DXP) and Data Movement Policy (DMP) initiatives. You will bridge the gap between high-level security policy and low-level system enforcement, ensuring that our perimeter controls are robust, scalable, and deeply integrated with context-aware access policy frameworks. You will be responsible for the architectural evolution of our egress control systems, moving from simple IP-based rules to sophisticated, content-aware, and identity-driven data movement governance.

AS A PRINCIPAL SOFTWARE ENGINEER - IDENTITY, DATA SECURITY AND TRUST AT SNOWFLAKE YOU WILL:

• Architectural Leadership: Lead the design and implementation of the Data Movement Policy (DMP) framework, ensuring it can handle complex multi-cloud and hybrid environments.
• DXP Strategy: Define the roadmap for Data Exfiltration Protection, evolve and enhance ingress and egress controls, and intelligent anomaly detection for data egress.
• Policy Unification: Drive the technical effort to unify Context-Aware Access policies with egress perimeter controls, creating a single, cohesive policy engine for all data movement.
• Design Specification: Author and review complex design documents for DMP and Perimeter Policy, ensuring high reliability, low latency, and auditability.
• Stakeholder Collaboration: Partner with Product Management to refine the DXP product requirements and translate business goals into actionable engineering milestones.
• Mentorship: Guide senior and staff engineers across multiple teams, fostering a culture of security-first engineering and rigorous design standards.

OUR IDEAL PRINCIPAL SOFTWARE ENGINEER - IDENTITY DATA SECURITY + TRUST WILL HAVE:

• Experience: 12+ years of experience in software engineering, with at least 5 years in a principal or architect role focusing on infrastructure or security.
• Security Expertise: Deep understanding of network security protocols (TLS/SSL, HTTP/S, DNS), Zero Trust architectures, and Data Loss Prevention (DLP) technologies.
• System Design: Proven track record of designing and deploying high-scale distributed systems (Java, Go, or C++).
• Cloud Infrastructure: Strong experience with cloud-native security controls in AWS, GCP, or Azure (e.g., VPC Service Controls, Private Link).
• AI Forward: Effective deployment of AI models and tooling to improve team productivity and execution.
• Communication: Excellent ability to communicate complex technical concepts to both executive leadership and individual contributors.

Snowflake is growing fast, and we're scaling our team to help enable and accelerate our growth. We are looking for people who share our values, challenge ordinary thinking, and push the pace of innovation while building a future for themselves and Snowflake.

How do you want to make your impact?

For jobs located in the United States, please visit the job posting on the Snowflake Careers Site for salary and benefits information: careers.snowflake.com