Clickhouse
Product Security Engineer
Vaga remota de Product Security Engineer com fit claro de localização do candidato.
Publicada22 de jun. de 2026
Países elegíveis2 países aceitos
Sinal de senioridadeSenior
Modelo de trabalhoRemoto
Locais aceitos para candidatos
Países BaixosEstados Unidos
Resumo da vaga
Product Security Engineer
Requisitos e responsabilidades
Conteúdo da vaga extraído em seções para revisão mais rápida.
What you will do:
- Collaborate with engineering and product on improving existing and building new product features with focus on threat modeling, assurance and secure implementation, some examples of recent work include implementation of secure key management, passwordless authentication, m2m authentication, sandboxing and compute/network/storage isolation
- Identify security gaps and vulnerabilities in ClickHouse Cloud and OSS, triage a wide range of vulnerabilities reported via our bug bounty program, responsible disclosure, GitHub Issues covering web, API and server - client assets including low level memory issues like heap or buffer overflows
- Improve and develop security assurance activities - pentests, vulnerability assessments, bug bounty programs, fuzzing
- Drive implementation and usage of engineering security tools - static, dynamic code analysis, dependency checks, code licensing compliance (working knowledge of Snyk, Semgrep, GitHub CodeQL)
- Nurture the engineering - security relationship, identify and implement process and technology improvements
- Handle information security events and incidents across ClickHouse products and services
- Develop processes, tooling and automation to scale security processes and mitigate risks to the business
What you bring along:
- Experience supporting engineering and product implementation efforts by performing threat assessments, assurance activities, advisory as well as, in some cases, implementation work across distributed systems covering web, API, client/server assets
- Strong knowledge of and experience with one or more cloud service providers (e.g. AWS, GCP, Azure), Kubernetes, Cilium
- Experience implementing and operating engineering security tools and processes (e.g. static / dynamic code analysis, software composition analysis, SBOM, OWASP SAMM, client and network fuzzing tools)
- Significant development and automation experience, ability to work with C++ code
- Security as code mindset, with focus on solving problems with automation and scale in mind
Bonus Points:
- BS, MS, or PhD in Computer Science or related field
- Previous contributions to open source projects
- Security or cloud related certifications (AWS, GCP, Azure)
Perks
- Flexible work environment - ClickHouse is a globally distributed company and remote-friendly. We currently operate in over 20 countries.
- Healthcare - Employer contributions towards your healthcare.
- Equity in the company - Every new team member who joins our company receives stock options.
- Time off - Flexible time off in the US, generous entitlement in other countries.
- A $500 Home office setup if you’re a remote employee.
- Global Gatherings – We believe in the power of in-person connection and offer opportunities to engage with colleagues at company-wide offsites.
Vagas similares
Mantenha uma lista reserva.
Stack
Use estas tags para comparar vagas remotas similares.
Elegibilidade de localização
Candidatos devem aplicar apenas quando o país do perfil estiver listado aqui.
Seu perfilPaís não definidoEntre para comparar seu país com esta vaga.
Fluxo de contratação
O WithMira mostra a vaga e depois envia candidatos para a aplicação da empresa.
1Confira fit da vaga, stack e elegibilidade de localização no WithMira.
2Abra a página de aplicação da empresa pelo link rastreado.
3Salve a vaga ou assine oportunidades similares antes de sair.