Director - IT & Security Audit

Build the future of the AI Data Cloud. Join the Snowflake team.

Snowflake is growing and looking for a driven and passionate Director to lead and oversee the IT & Security Audit function. You will report to the Head of Internal Audit and help with an evolving workload in a fast-paced environment. If you are passionate about continuous learning and keeping up with cutting edge technology and influencing the future of audit leveraging data and automation, then this is the position for you! Whether it is facilitating Snowflake's SOX compliance efforts or conducting internal audits, we strive to enhance the effectiveness, efficiency and scalability of the company's processes, systems, and underlying internal control environment. You will be expected to problem solve, collaborate, and move fast while keeping attention to detail.

The Director will be instrumental in building a world-class IT internal audit function, that provides assurance and advisory services regarding Snowflake's IT & Security governance, risk and control effectiveness.

The Director must demonstrate significant experience with assessing risk and demonstrate excellence in designing and implementing a risk-based approach to internal auditing in a rapidly.

• Partnering and strengthening relationships with key stakeholders (including IT, Engineering and Product Security teams) for ongoing risk assessments, proactive insights on risks and oversight on planned audit(s) planning & execution.

• Deep dive into Snowflake's IT & Security control environment to develop broad domain and technical understanding of our key policies, risks & controls in place to ensure efficient ways of auditing.

• Strategic Leadership: Develop and implement the internal audit strategy aligned with organizational goals and regulatory requirements.

• Audit Planning: Design and execute a comprehensive risk-based annual IT & Security internal audit plan for approval by the Audit Committee that identifies and evaluates risk areas, controls, and compliance with internal policies and external regulations.

• Risk Assessment: Conduct risk assessments to identify system vulnerabilities, compliance gaps, and areas for improvement, ensuring robust protection against security threats and mismanagement.

• Team Management: Lead, mentor, and develop our high-performing internal audit team, fostering a culture of continuous improvement (eg. efficient and effective ways of testing controls leveraging data/ Snowflake product as needed) and professional growth.

• Reporting: Prepare and communicate clear, concise audit reports to senior management, highlighting significant findings, risks, and recommendations for improvement.

• Stakeholder Collaboration: Work closely with key stakeholders, including Engineering, Product Management, Security / IT risk management, IT Enterprise Apps teams, to build strong working relationships and facilitate collaborative approaches to managing risk.

• Continuous Improvement: Recommend enhancements to internal controls and processes based on audit findings and industry best practices, aiding in the establishment of an agile and responsive internal audit function.

• Education and Awareness: Conduct training sessions to promote awareness of internal controls, risk management, and compliance across the organization.

• 12+ years of experience with a combination of IT / Security / audit and Tech Industry background

• 10+ years in managing and building high performing teams

• Experience in leading an IT / Security audit function

• Bachelor's or Master's degree in Computer Science, Information Technology or Systems; or relevant MBA.

• Relevant work experience in IT SOX, other Technology or System audits and SOC 1 / SOC 2 / ISO / CIS controls assessment.

• In-depth knowledge of IT / IS management concepts such as logical access management, cybersecurity, change management and relevant auditing standards, compliance regulations, and risk assessment methodologies

• A record of delivery of IT process improvement projects with technology processes and/or major tech companies along with generating automated metrics to measure effectiveness and consistency.

• Experience in technical security design, compliance consulting, or advisory work in support of a highly technical environment.

• Experience with cloud-based security & deployment practices, and certifications like AWS, Azure and Google Cloud is strongly preferred.

• Strong quantitative, analytical, data-intuition, and problem-solving skills, and proficiency in data analytics techniques and query/programming languages in SQL and Python. Readability in Java is preferred.

• Working knowledge of internal controls and auditing techniques.

• Detail and team orientated; ability to work both independently and as a team member.

• Self-starter, ability to proactively problem-solve, identify, advocate for and execute improvements.

• Ability to manage multiple, concurrent projects efficiently and effectively

• Effectively manage relationships with senior management and other key stakeholders.

Every Snowflake employee is expected to follow the company's confidentiality and security standards for handling sensitive data. Snowflake employees must abide by the company's data security plan as an essential part of their duties. It is every employee's duty to keep customer information secure and confidential.

Snowflake is growing fast, and we're scaling our team to help enable and accelerate our growth. We are looking for people who share our values, challenge ordinary thinking, and push the pace of innovation while building a future for themselves and Snowflake.

How do you want to make your impact?

The following represents the expected range of compensation for this role:

• The estimated base salary range for this role is $191,000 - $284,500.
• Additionally, this role is eligible to participate in Snowflake's bonus and equity plan.

The successful candidate's starting salary will be determined based on permissible, non-discriminatory factors such as skills, experience, and geographic location. This role is also eligible for a competitive benefits package that includes: medical, dental, vision, life, and disability insurance; 401(k) retirement plan; flexible spending & health savings account; at least 12 paid holidays; paid time off; parental leave; employee assistance program; and other company benefits.

Snowflake is growing fast, and we're scaling our team to help enable and accelerate our growth. We are looking for people who share our values, challenge ordinary thinking, and push the pace of innovation while building a future for themselves and Snowflake.

How do you want to make your impact?