I have the following script to look up the sys_user_has_role table and remove roles from users

var user = new GlideRecord('sys_user');
user.query();
while (user.next()) {

    // Check if user has snc_internal role
    var roleQuery = new GlideRecord('sys_user_has_role');
    roleQuery.addEncodedQuery("user=" + user.sys_id + "^role=7fcaa702933002009c8579b4f47ffbde"); //sys_id of the SNC_internal role 
    roleQuery.query();

    // If user does NOT have snc_internal, delete the role record if it exists (it will remove the correlation from the sys_user_has_role table between the user and the role, so remove it from the suer account)
    if(roleQuery.getRowCount() == 0) {
        var deleteQuery = new GlideRecord('sys_user_has_role');
        deleteQuery.addEncodedQuery("user=" + user.sys_id + '^role=341fa5f60fa51010784dd2d92f767ec6'); //sys_id of the sn_wsd_core.workplace_user role 
        deleteQuery.query();
        if(deleteQuery.next()) {
            deleteQuery.deleteRecord();
        }
    }

}

 I have tried to modify the beginning in this way 

var user = new GlideRecord('sys_user');
user.addEncodedQuery('user_name','NOTLIKE','@emailsuffix.com');
user.query();
while (user.next()) {

and removed that part then 

// Check if user has snc_internal role
    var roleQuery = new GlideRecord('sys_user_has_role');
    roleQuery.addEncodedQuery("user=" + user.sys_id + "^role=7fcaa702933002009c8579b4f47ffbde"); //sys_id of the SNC_internal role 
    roleQuery.query();

as I want to remove a specific role from all the users in case their user id contains tis suffix. How could I do this, as the above approach is giving me null values.