Security Application Security Engineer
Remote job description
ClickHouse: We are the company behind the popular open-source, high performance columnar OLAP database management system for real-time analytics. ClickHouse works 100-1000x faster than traditional approaches. By offering a true column-based DBMS, it allows for systems to generate reports from petabytes of raw data with sub-second latencies. With an amazing community already adopting our open-source technology, we are now embracing our journey in delivering Cloud first solutions to delight our customers.
With top adopters such as Uber, Cisco, and eBay - not only do our products work at lightning speed, so do we.
We are an open and collaborative company. Our colleagues are curious, engaged and excited about what they do. If you want to work in an environment where you can be an agent of change and have your voice heard- then read on.
About the Team
The Security Team is responsible for providing key security capabilities covering application, cloud and enterprise security, incident response, detection and GRC, with focus on the ClickHouse cloud platform. Our team is looking for experienced, hands-on security practitioners, who will drive the adoption of modern security processes and tooling, with focus on automation and backed up by data-driven decisions.
- Drive implementation and usage of engineering security tools - static, dynamic code analysis, dependency checks, code licensing compliance
- Nurture the engineering - security relationship, identify and implement process and technology improvements
- Identify security gaps and vulnerabilities in ClickHouse assets
- Improve and develop security assurance activities - pentests, vulnerability assessments, bug bounty programs
- Handle information security events and incidents across the ClickHouse products and services
- Develop processes, tooling and automation to scale security processes and mitigate risks to the business
- Experience implementing and operating engineering security tools and processes (e.g. static / dynamic code analysis, software composition analysis, OWASP SAMM)
- Strong knowledge of and experience with one or more cloud service providers (e.g. AWS, GCP, Azure)
- Experience with securing cloud-based product offerings
- Experience with incident response, vulnerability management, application security, and / or similar security programs
- Significant development and automation experience
- BS, MS, or PhD in Computer Science or related field
- Previous contribution to open source projects
- Flexible work environment - ClickHouse is a distributed company offering both office based and remote work options (your choice!). We do not check when you log in or out. You are the owner of your calendar because work-life balance is important to us.
- Employer contributions towards your healthcare.
- Equity - Any new team member who joins our company is eligible to receive stock options.
- Our competitive time-off policy complies with all local country laws at a minimum of given time off + all paid bank holidays.
- Home office setup allowance for our remote employees.
ClickHouse, Inc. is an Equal Opportunity Employer. We respect and seek to empower each individual and support the diverse cultures, perspectives, skills and experiences within our workforce. We celebrate diversity and do not discriminate based on race, religion, color, national origin, sex, sexual orientation, age, veteran status, disability status, or any other applicable characteristics protected by law.
Company name: ClickHouse, Inc.
Remote job title: Security Application Security Engineer