Security Governance, Risk, and Compliance Lead

ClickHouse: We are the company behind the popular open-source, high performance columnar OLAP database management system for real-time analytics. ClickHouse works 100-1000x faster than traditional approaches. By offering a true column-based DBMS, it allows for systems to generate reports from petabytes of raw data with sub-second latencies. With an amazing community already adopting our open-source technology, we are now embracing our journey in delivering Cloud first solutions to delight our customers.

With top adopters such as Uber, Cisco, and eBay - not only do our products work at lightning speed, so do we.

We are an open and collaborative company. Our colleagues are curious, engaged and excited about what they do. If you want to work in an environment where you can be an agent of change and have your voice heard- then read on.

The Security Team is responsible for providing key security capabilities covering application, cloud and enterprise security, incident response, detection and GRC, with focus on the ClickHouse cloud platform. Our team is looking for experienced, hands-on security practitioners, who will drive the adoption of modern security processes and tooling, with focus on automation and backed up by data-driven decisions.

What you will be doing:

• Own and execute the external security and privacy compliance and attestation roadmap for ClickHouse
• Collaborate with product and engineering teams and other internal stakeholders to build and operate robust controls and processes that satisfy an array of existing and emerging security and privacy-related regulatory requirements
• Interface with external audit firms, counsel, and regulators in support of pursuing, achieving, and maintaining compliance with various regulatory regimes and frameworks
• Work with ClickHouse field teams and customers throughout the sales lifecycle on GRC topics (e.g. product security inquiries, assurance discussions)

What you bring along:

• Strong knowledge of and experience with common security and privacy-related regulatory requirements and frameworks (SOC 2, ISO27001, GDPR, FedRAMP, etc.)
• Experience with GRC program development and operations
• Experience with managing multiple compliance and control frameworks
• Experience with compliance automation tools (e.g. Drata, Vanta, Tugboat Logic, TrustMAPP, etc.)

Bonus points for

• Experience in B2B SaaS or other cloud-based product offerings
• Experience with incident response, vulnerability management, and similar security programs

#LI-Remote

ClickHouse, Inc. is committed to fair and equitable compensation practices. For applicants in the state of Colorado: The salary range for this position is $150,000 -$200,000 and up. A candidate's final compensation will be determined by multiple factors to include, but not limited to, relevant work experience, skills, certifications. As part of our compensation package, this role may include bonuses, equity, and/or commissions.

Perks:

• Flexible work environment - ClickHouse is a distributed company offering both office based and remote work options (your choice!). We do not check when you log in or out. You are the owner of your calendar because work-life balance is important to us.
• Employer contributions towards your healthcare.
• Equity - Any new team member who joins our company is eligible to receive stock options.
• Our competitive time-off policy complies with all local country laws at a minimum of given time off + all paid bank holidays.
• Home office setup allowance for our remote employees.

ClickHouse, Inc. is an Equal Opportunity Employer. We respect and seek to empower each individual and support the diverse cultures, perspectives, skills and experiences within our workforce. We celebrate diversity and do not discriminate based on race, religion, color, national origin, sex, sexual orientation, age, veteran status, disability status, or any other applicable characteristics protected by law.