Product Security Engineer

🕒 February 12

Apply Now
Find Similar Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Logo of ClickHouse

ClickHouse

51 - 200 employees

Founded 2016

☁️ SaaS

🏢 Enterprise

🤖 Artificial Intelligence

SaaS • Enterprise • Artificial Intelligence

ClickHouse is a fast and resource-efficient real-time data warehouse and open-source database that is designed to deliver superior query performance for mission-critical and time-sensitive applications. It is available as a cloud service on major platforms like AWS, GCP, and Azure, with a "Bring Your Own Cloud" option and a wide range of integrations for seamless operation within diverse tech stacks. ClickHouse excels in real-time analytics, machine learning, business intelligence, and observability, making it an ideal choice for tasks such as financial services, fraud detection, and gaming analytics. It supports developer-friendly SQL operations, offers cost-effective storage solutions, and provides an open-source alternative to traditional databases. Companies like Sony, Lyft, Cisco, GitLab, and Twilio leverage ClickHouse for its scalability, efficiency, and ease of use.

📋 Description

• Collaborate with engineering and product on improving existing and building new product features with focus on threat modeling, assurance and secure implementation, some examples of recent work include implementation of secure key management, passwordless authentication, m2m authentication, sandboxing and compute/network/storage isolation • Identify security gaps and vulnerabilities in ClickHouse Cloud and OSS, triage a wide range of vulnerabilities reported via our bug bounty program, responsible disclosure, GitHub Issues covering web, API and server - client assets including low level memory issues like heap or buffer overflows • Improve and develop security assurance activities - pentests, vulnerability assessments, bug bounty programs, fuzzing • Drive implementation and usage of engineering security tools - static, dynamic code analysis, dependency checks, code licensing compliance (working knowledge of Snyk, Semgrep, GitHub CodeQL) • Nurture the engineering - security relationship, identify and implement process and technology improvements • Handle information security events and incidents across ClickHouse products and services • Develop processes, tooling and automation to scale security processes and mitigate risks to the business.

🎯 Requirements

• Experience supporting engineering and product implementation efforts by performing threat assessments, assurance activities, advisory as well as, in some cases, implementation work across distributed systems covering web, API, client/server assets • Strong knowledge of and experience with one or more cloud service providers (e.g. AWS, GCP, Azure), Kubernetes, Cilium • Experience implementing and operating engineering security tools and processes (e.g. static / dynamic code analysis, software composition analysis, SBOM, OWASP SAMM, client and network fuzzing tools) • Significant development and automation experience, ability to work with C++ code • Security as code mindset, with focus on solving problems with automation and scale in mind.

🏖️ Benefits

• Flexible work environment - ClickHouse is a globally distributed company and remote-friendly. We currently operate in 20 countries. • Healthcare - Employer contributions towards your healthcare. • Equity in the company - Every new team member who joins our company receives stock options. • Time off - Flexible time off in the US, generous entitlement in other countries. • A $500 Home office setup if you’re a remote employee. • Global Gatherings – We believe in the power of in-person connection and offer opportunities to engage with colleagues at company-wide offsites.

Apply Now

Similar Jobs

🕒 February 11

World Cocoa Foundation

11 - 50

🌾 Agriculture

🤝 Non-profit

🌍 Social Impact

Senior Information Security Consultant at World Foundation, solving global security challenges and ensuring protocol integrity through hands-on guidance and team collaboration.

AWS

Cloud

Cyber Security

Terraform

🕒 December 10, 2025

Dräger

10,000+ employees

🤝 B2B

🔧 Hardware

📚 Education

Business Development Manager overseeing Defence & Security operations for Emergency & Rescue Services. Focused on market success, growth, and profitability across regions.

🗣️🇩🇪 German Required

🕒 November 20, 2025

workidentity GmbH

11 - 50

👥 HR Tech

🎯 Recruiter

🤝 B2B

IT Security Consultant for an IT consulting firm in northern Germany. Involved in diverse security projects, analyzing IT infrastructures, and implementing security measures.

🗣️🇩🇪 German Required

Azure

Cloud

Firewalls

🕒 November 5, 2025

PeSeCo OÜ Personnel Service Collective

1 - 10

🎯 Recruiter

🤝 B2B

As a Security Consultant for BSI IT Grundschutz, you will enhance ISMS and implement IT security concepts. Join a team dedicated to cybersecurity and data protection methodologies.

🗣️🇩🇪 German Required

🕒 November 5, 2025

PeSeCo OÜ Personnel Service Collective

1 - 10

🎯 Recruiter

🤝 B2B

Experienced SOC Security Engineer involved in cybersecurity measures and vulnerability assessments for a client-focused IT service provider. Working with various security technologies to enhance organizational defenses.

🗣️🇩🇪 German Required

Splunk