Snowflake

Senior Security Architect, Applied Field Engineering

Snowflake2 days ago
Location

KR-Seoul

Type

Full Time

Salary

USD 180,000 – 240,000

Level

Senior

Role

Security Engineer

Posted

Jul 17, 2026

Full TimeSenior

The role

Summary

Snowflake seeks a highly specialized Senior Security Architect for the APJ Field CTO Office, serving as the primary South Korean cloud security expert. This role bridges global cloud data architecture with South Korea's rigorous regulatory frameworks (CSAP, K-FSI), requiring 7-10+ years of hands-on information security experience with 5+ years of cloud security architecture expertise. You'll drive cloud security adoption, advise on Korea-compliant AI and data architectures, collaborate across cross-functional teams, and establish yourself as a cloud compliance evangelist in one of Asia's most regulated markets.

What you'll do

Cloud Compliance Evangelism & Regulatory Alignment: Serve as Snowflake's primary South Korean security expert and cloud compliance evangelist, bridging global cloud architecture practices with South Korea's rigorous regulatory frameworks including Cloud Security Assurance Program (CSAP) and Korea Financial Services Institute (K-FSI) Safety Evaluation requirements. Lead compliance strategy initiatives and ensure all implementations respect strict localization and regional access controls.
Security-Driven Feature Scoping & Product Strategy: Scope security-related feature enhancements on behalf of enterprise customers, collaborating with Product Management and Engineering teams to translate market-specific security requirements into actionable product roadmap items. Advocate for Korea-specific security capabilities within Snowflake's AI and Data Cloud platform.
Korea-Compliant Architecture Design & Customer Enablement: Advise customers and internal engineering teams on designing secure, Korea-compliant data and AI architectures leveraging Snowflake. Provide hands-on technical guidance on building reference architectures that incorporate data localization, network isolation, encryption standards, and IAM frameworks compliant with Korean regulatory mandates.
Cross-Functional Security Leadership: Collaborate with Sales, Product, Engineering, Marketing, Support, and Field CTO teams (including Enterprise AI, Gen AI, and Data Engineering experts) to drive customer security feature adoption and align internal stakeholders on security-first implementation practices for the Korean market.
Product Marketing & Industry Thought Leadership: Partner with Product Marketing to define and communicate Snowflake's AI and Data Cloud security posture and DataLake workload awareness. Build marketing pipelines through industry engagement including conference presentations, trade shows, webinars, and speaking engagements to establish Snowflake as the security leader in Korea's cloud market.
Technical Audits & Gap Assessment Execution: Execute comprehensive security gap assessments, control implementations, evidence collection, and manage annual surveillance/reassessment cycles for enterprise customers pursuing CSAP certification or K-FSI compliance. Serve as technical bridge between auditors, customers, and Snowflake engineering teams.
Hands-On Security Engineering & Proof of Concept Development: Build security demonstrations, configure cloud service provider environments, and test complex security use cases on Snowflake platform with relevant integrations. Develop and maintain security best practices guides, hardening documentation, and reference architectures tailored to Korean market requirements and threat landscapes.
Identity & AI Security Innovation: Lead adoption of advanced identity security frameworks including IAM/RBAC, OAuth, identity governance (SCIM), and emerging agentic identity frameworks for AI agents and LLM data pipelines. Evaluate and recommend modern security solutions addressing evolving AI-native threats in enterprise environments.
Knowledge Transfer & Community Engagement: Share security expertise with internal teams and broader industry communities through webinars, conference presentations, and technical documentation. Mentor internal colleagues on Korean regulatory landscape and serve as cultural liaison for APJ regional collaboration across multiple time zones.
Cloud Infrastructure Security Architecture: Design and implement advanced network security architectures including data localization/residency compliance, physical and logical network separation, and CSP private networking configurations (NAT, firewalls, TLS, PrivateLink). Ensure all implementations align with Korea's strict infrastructure sovereignty requirements.
Security Framework Mapping & Risk Assessment: Apply deep expertise in security frameworks (NIST, CIS, OWASP, MITRE ATT&CK) to map controls and security mechanisms within risk-centered approaches. Translate complex regulatory requirements into implementable security controls and communicate findings to technical and non-technical stakeholders.

What we look for

Technical

Cloud Security Architecture (5+ years)Demonstrated hands-on expertise in designing and implementing security architectures across AWS, Azure, GCP, or Korean CSPs (Naver Cloud, NHN). Deep understanding of cloud-native security controls, data encryption strategies, identity governance, network isolation, and compliance mechanisms specific to cloud environments.
Information Security Fundamentals (7-10+ years)Comprehensive background in hands-on information security across multiple domains including data privacy, governance, networking infrastructure, threat detection, incident response, and security technology implementation in enterprise environments.
IAM, RBAC & Identity GovernanceAdvanced expertise in Identity and Access Management (IAM), Role-Based Access Control (RBAC), OAuth, SCIM-based identity governance, and emerging agentic identity frameworks for AI agents and LLM data pipelines. Hands-on experience configuring and troubleshooting identity systems at enterprise scale.
Cloud Infrastructure & Network SecurityExpert-level knowledge of TCP/IP, IP routing, DNS, proxy architecture, TLS/SSL, firewalls, NAT, and CSP private networking solutions (AWS PrivateLink, Azure Private Endpoints, GCP Private Service Connect). Experience designing network segmentation and zero-trust architectures.
Data Localization & Network Separation ArchitectureProven experience designing and implementing physical and logical network separation, data residency compliance frameworks, and localization-specific infrastructure for highly regulated industries. Deep knowledge of Korea-specific data sovereignty requirements and implementation patterns.
Audit Lifecycle & Compliance ManagementHands-on experience executing gap assessments against compliance frameworks, implementing security controls, collecting audit evidence, and managing annual surveillance and reassessment cycles. Practical knowledge of audit processes, control testing, and remediation workflows.
Security Framework Application (NIST, CIS, OWASP, MITRE ATT&CK)Deep working knowledge of major security frameworks and their practical application to enterprise architectures. Ability to map organizational requirements to framework controls and articulate security mechanisms within risk assessment-centered approaches.
Database & Data Warehouse SecurityPractical knowledge of ANSI SQL-compliant databases and data warehousing platforms, including encryption-at-rest and in-transit, query-level access controls, audit logging, and data masking techniques relevant to cloud data warehouses like Snowflake.
Encryption & Cryptographic PrinciplesExpert understanding of encryption standards (AES, RSA, ECC), key management systems (KMS), certificate management, cryptographic hardware, and encryption strategies for data at rest, in transit, and in use across cloud platforms.
CSP Security Services & ToolsHands-on experience with cloud-native security tools and services including AWS KMS/IAM/VPC, Azure Key Vault/Entra ID, GCP VPC/Secret Manager, and third-party security integrations. Ability to evaluate and integrate security tools into Snowflake deployments.
AI Security & LLM Data Pipeline SecurityEmerging expertise in securing AI agents, orchestrators, and large language model (LLM) data pipelines. Understanding of non-human identity frameworks, AI-specific threat models, and security architectures for generative AI workloads in enterprise environments.
Technical Presentation & Architecture DocumentationAbility to create clear, technically accurate security reference architectures, hardening guides, and best practices documentation. Skill in presenting complex security concepts to both technical and executive audiences via whiteboarding, demos, and formal presentations.
Demo & Proof of Concept DevelopmentHands-on ability to build security demonstrations, configure cloud environments, test security use cases, and develop proof-of-concept implementations on Snowflake and integrated CSP services to validate architecture decisions.
Data Privacy & Governance ArchitectureComprehensive understanding of data classification, data governance frameworks, privacy-by-design principles, and implementation of privacy controls including data masking, anonymization, and consent management within cloud data platforms.

Education

Bachelor's Degree in Related FieldBachelor's degree in Information Security, Computer Science, Information Management Systems, Cybersecurity, or related technical field required.
Master's Degree (Preferred)Master's degree in Computer Science, Information Security, Business Administration, or related discipline is preferred and demonstrates commitment to advanced security architecture principles and business acumen.

Experience

Enterprise Customer EngagementProven track record of direct customer-facing work in enterprise environments, demonstrating ability to translate business requirements into technical security solutions and manage stakeholder expectations across technical and non-technical audiences.
Enterprise SaaS Selling & Pre-Sales ArchitectureExperience supporting enterprise SaaS software sales cycles, either in technical pre-sales, solution architecture, or field engineering roles. Ability to understand customer buying processes, security requirements, and competitive positioning.
South Korean Market & Regulatory NavigationDirect experience operating in the South Korean market, understanding local business practices, regulatory landscape, and vendor-customer dynamics. Familiarity with Korean compliance requirements is essential for effectiveness in this regional role.
Hands-On DevSecOps & Infrastructure-as-Code (Preferred)Practical experience with Infrastructure-as-Code (Terraform, CloudFormation), containerization (Kubernetes, Docker), and DevSecOps practices including secure CI/CD pipelines. Ability to validate security architectures through code and automation is highly valuable.
SQL, Python & API Development (Preferred)Hands-on programming experience with SQL for complex queries, Python for automation and security tooling, and REST API design/integration. These skills enable rapid prototyping and custom security solutions.
Security Operations Center (SOC) or Threat Hunting (Preferred)Prior experience in a live Security Operations Center environment or threat hunting role, providing hands-on exposure to real-world attack detection, incident response, and security monitoring best practices.
GRC & Infosec Auditing (Preferred)Background in Governance, Risk, Compliance (GRC) and information security auditing with relevant professional accreditations. Experience in control design, risk assessment, and audit evidence management.
Vertical Industry Expertise (Preferred)Prior experience implementing cloud security architectures or managing compliance programs within Korean verticals such as Manufacturing, Telecom, Financial Services, or Retail sectors. Domain knowledge accelerates market effectiveness.

Skills

Required skills

Cloud Security Architecture DesignExpert-level ability to design end-to-end cloud security architectures incorporating identity, network, data, and application layers across AWS, Azure, GCP, or Korean cloud providers.
Korean Language Proficiency (Native or Business Fluent)Native or professional business fluency in written and spoken Korean is mandatory for regulatory communications with KISA and FSI authorities, complex technical documentation, and customer engagement in Korean regulatory contexts.
English Communication (Professional Level)Professional-level English proficiency required for collaboration with Snowflake global headquarters, international customers, and documentation in English-speaking environments.
Enterprise Security Compliance FrameworksDeep working knowledge of security frameworks including NIST Cybersecurity Framework, CIS Critical Security Controls, OWASP Top 10, and MITRE ATT&CK framework with ability to apply them to enterprise architectures.
IAM & Identity Governance ImplementationPractical expertise implementing Identity and Access Management systems, RBAC models, OAuth flows, SCIM directory integration, and emerging non-human identity frameworks for AI workloads.
Data Encryption & Key ManagementExpert understanding of encryption algorithms, key derivation, key management systems (KMS), certificate lifecycle management, and encryption strategies across cloud platforms.
Network Security & Infrastructure ArchitectureAdvanced expertise in network segmentation, zero-trust architecture, VPN/TLS configuration, proxy systems, firewalls, DNS security, and private cloud networking constructs.
Technical Communication & Presentation SkillsOutstanding ability to articulate complex security concepts to both technical and non-technical audiences, excel at whiteboarding, present compelling demos, and create clear technical documentation.
Regulatory Compliance Mapping & Gap AssessmentAbility to assess current security postures against compliance frameworks, identify control gaps, design remediation strategies, and prepare evidence for audit cycles.
AI & Emerging Technology SecurityUnderstanding of AI security principles, LLM data pipeline protection, agentic identity frameworks, and emerging attack vectors in AI-native enterprise environments.

Nice to have

AWS/Azure/GCP Security CertificationsIndustry-recognized security certifications such as AWS Certified Security Specialist, Azure Security Engineer Expert, or GCP Professional Cloud Security Engineer demonstrate validated expertise.
CISSP, CISM, or CISA CredentialsGlobally recognized security certifications (Certified Information Systems Security Professional, Certified Information Security Manager, or Certified Internal Auditor) validate deep security architecture and compliance knowledge.
K-ISMS-P Lead Auditor/Assessor CredentialsKorean-specific information security management system professional certifications demonstrate validated expertise in Korean compliance frameworks and audit processes.
DevSecOps & Infrastructure-as-Code (Terraform, Kubernetes)Hands-on expertise with Terraform, CloudFormation, Kubernetes, Docker, and secure CI/CD pipeline design enables rapid infrastructure security validation and automation.
SQL & Python ProgrammingPractical SQL and Python skills enable custom security queries, automation scripts, and rapid prototyping of security solutions within data warehouse environments.
Third-Party Security Tool IntegrationExperience integrating enterprise security tools (SIEM, DLP, vulnerability management, cloud security posture management) with cloud platforms and data warehouses.
Incident Response & ForensicsPrior experience leading or supporting incident response investigations, conducting forensic analysis, and managing security crises in enterprise environments.
Kubernetes Security HardeningHands-on expertise securing containerized workloads, implementing pod security policies, network policies, RBAC in Kubernetes, and container image scanning practices.
Asia-Pacific Market & Cultural CompetencyUnderstanding of business practices, regulatory environments, and cultural nuances across Asia-Pacific region with flexibility working across multiple time zones with diverse teams.
Snowflake Platform & Ecosystem KnowledgeFamiliarity with Snowflake architecture, security features, role-based access control model, data sharing capabilities, and integration with cloud platforms and third-party tools.

Compensation & benefits

Salary

USD 180,000 – 240,000 (annual)


Apply for this position

You'll be redirected to the company's application page