Haystack
← Back to Jobs
Remote
Administrative

Snowflake Security & Access Governance Lead/ Architect

HMG AmericaUnited States🇺🇸United StatesPosted 16 Jul 2026

Quick Overview

Work Type
Remote
Level
Mid Senior

Job Description

HMG America LLC is the best Business Solutions focused Information Technology Company with IT consulting and services, software and web development, staff augmentation and other professional services. One of our direct clients is looking for Snowflake Security & Access Governance Lead/ Architect in Canada. Below is the detailed job description.

Job Title: Snowflake Security & Access Governance Lead/ Architect

Location: Remote Canada

Type: Contract


Enterprise RBAC is must have skill

Job Description:

We are seeking an experienced Snowflake Security & Access Governance Architect to lead the design, implementation, and governance of enterprise-wide security controls within the Snowflake data platform. The ideal candidate will possess deep expertise in Snowflake security architecture, identity and access management, data protection, AI governance, network security, and compliance auditing. This role will be responsible for ensuring secure access to enterprise data assets while enabling advanced analytics and AI capabilities in a controlled and compliant manner.


Enterprise RBAC & Identity Lifecycle: Architect and maintain Snowflake's Role-Based Access Control (RBAC) hierarchy, integrating Single Sign-On (SSO), MFA, and SCIM-driven user provisioning to enforce strict least-privilege principles across all schemas, warehouses, and data assets.

Granular Data Masking & Protection: Configure and monitor Snowflake Horizon security features-including dynamic column-level masking, row-access policies, tag-based data classification, and customer-managed encryption keys (Tri-Secret Secure)-to safeguard sensitive enterprise datasets.

Cortex AI Access Governance: Manage access to GenAI capabilities by configuring built-in roles (CORTEX_USER, COPILOT_USER), enforcing granular per-function permissions (AI_COMPLETE, AI_CLASSIFY), and restricting Large Language Model (LLM) access via model-level RBAC and account-level allowlists.

Network Boundaries & Egress Control: Secure Snowflake network architecture by establishing and auditing Network Policies, implementing Private Link (AWS, Azure, or Google Cloud Platform) endpoints, and restricting egress traffic to ensure all analytical and AI workloads execute inside a private cloud boundary.

Security Auditing & Agent Monitoring: Oversee system observability and traceability by analyzing Snowflake Access History and Account Usage metadata to audit AI query patterns, track Cortex AI agent interactions, and surface non-human identity (NHI) access drift.

Similar jobs