HMG America LLC is the best Business Solutions focused Information Technology Company with IT consulting and services, software and web development, staff augmentation and other professional services. One of our direct clients is looking for Snowflake Security & Access Governance Lead/ Architect in Canada. Below is the detailed job description.
Job Title: Snowflake Security & Access Governance Lead/ Architect
Location: Remote Canada
Type: Contract
Enterprise RBAC is must have skill
Job Description:
We are seeking an experienced Snowflake Security & Access Governance Architect to lead the design, implementation, and governance of enterprise-wide security controls within the Snowflake data platform. The ideal candidate will possess deep expertise in Snowflake security architecture, identity and access management, data protection, AI governance, network security, and compliance auditing. This role will be responsible for ensuring secure access to enterprise data assets while enabling advanced analytics and AI capabilities in a controlled and compliant manner.
Enterprise RBAC & Identity Lifecycle: Architect and maintain Snowflake's Role-Based Access Control (RBAC) hierarchy, integrating Single Sign-On (SSO), MFA, and SCIM-driven user provisioning to enforce strict least-privilege principles across all schemas, warehouses, and data assets.
Granular Data Masking & Protection: Configure and monitor Snowflake Horizon security features-including dynamic column-level masking, row-access policies, tag-based data classification, and customer-managed encryption keys (Tri-Secret Secure)-to safeguard sensitive enterprise datasets.
Cortex AI Access Governance: Manage access to GenAI capabilities by configuring built-in roles (CORTEX_USER, COPILOT_USER), enforcing granular per-function permissions (AI_COMPLETE, AI_CLASSIFY), and restricting Large Language Model (LLM) access via model-level RBAC and account-level allowlists.
Network Boundaries & Egress Control: Secure Snowflake network architecture by establishing and auditing Network Policies, implementing Private Link (AWS, Azure, or Google Cloud Platform) endpoints, and restricting egress traffic to ensure all analytical and AI workloads execute inside a private cloud boundary.
Security Auditing & Agent Monitoring: Oversee system observability and traceability by analyzing Snowflake Access History and Account Usage metadata to audit AI query patterns, track Cortex AI agent interactions, and surface non-human identity (NHI) access drift.