Join ClickHouse's Security Team, responsible for application, cloud and enterprise security, incident response, detection and GRC; this role can be fully remote from anywhere in Germany.
Responsibilities
- ▹Collaborate with engineering and product on threat modeling and secure implementation (key management, passwordless auth, m2m auth, sandboxing, isolation)
- ▹Identify security gaps and vulnerabilities in ClickHouse Cloud and OSS; triage bug bounty and responsible disclosure reports
- ▹Improve security assurance activities: pentests, vulnerability assessments, bug bounty program, fuzzing
- ▹Drive adoption of engineering security tools (static/dynamic code analysis, dependency checks, license compliance)
- ▹Nurture the engineering-security relationship, implementing process and technology improvements
- ▹Handle information security events and incidents across ClickHouse products and services
- ▹Develop processes, tooling and automation to scale security practices
Requirements
- ▹Experience supporting engineering and product teams with threat assessments and assurance activities across distributed systems (web, API, client/server)
- ▹Strong knowledge of at least one cloud provider (AWS, GCP, Azure), Kubernetes, Cilium
- ▹Experience implementing and operating engineering security tools and processes (static/dynamic code analysis, SCA, SBOM, OWASP SAMM, fuzzing)
- ▹Significant development and automation experience, ability to work with C++ code
- ▹Security-as-code mindset, focused on solving problems through automation and scale
Nice to have
- ▹BS, MS, or PhD in Computer Science or a related field
- ▹Previous contributions to open source projects
- ▹Security or cloud-related certifications (AWS, GCP, Azure)
Soft skills
Proactive, hands-on security mindsetStrong collaboration skills with engineering teamsIndependent, automation-focused thinking
About the company
ClickHouse's Security Team provides application, cloud and enterprise security capabilities, incident response, detection and GRC for ClickHouse's products and services.
Similar jobs

Job
Product Security Engineer
ClickHouse
💰 Salary: not specified
🏢 On-site
🇺🇸 United States
🗣️ EN

Job
Software Engineer II - Message Security Products
Abnormal Security
+5
💰 Salary: not specified
🌍 Remote
🇺🇸 Remote
🗣️ EN

Job
Cloud Security Engineer
Braintrust
+2
💰 Salary: not specified
🏢 On-site
🇺🇸 San Francisco
🗣️ EN

Job
Principal Software Engineer, Infrastructure Security
OpenAI
💰 Salary: not specified
🌍 Remote
🇺🇸 Remote - US
🗣️ EN

Job
Software Engineer, Infrastructure Security
OpenAI
+1
💰 Salary: not specified
🌍 Remote
🇺🇸 Remote - US
🗣️ EN

Job
Security Engineer, Detection and Response
OpenAI
💰 Salary: not specified
🏢 On-site
🇺🇸 San Francisco
🗣️ EN