Detection and Incident Response Security Engineer

Summary

Join ClickHouse's Security Team as an experienced security practitioner to enhance our detection and incident response capabilities. You will develop processes, tooling, and automation to scale incident management, collaborate with various teams to identify detection use cases, apply a threat modeling approach to incident detection and response, maintain the security logging platform, and handle information security events and incidents. The ideal candidate possesses a background in product security, red teaming, penetration testing, or threat modeling, along with incident detection and response experience. Strong cloud service provider knowledge (AWS, GCP, Azure) and excellent communication skills are essential. Experience securing large-scale customer-facing cloud infrastructures and significant development and automation experience (preferably in Golang and Python) are also required. ClickHouse offers a flexible work environment, healthcare contributions, company equity, flexible time off, a home office setup allowance, global gatherings, and the opportunity to shape the company culture.

Requirements

• Background in product security / red teaming / penetration testing / threat modelling, combined with incident detection and response experience
• Strong knowledge of and experience with one or more cloud service providers (e.g. AWS, GCP, Azure)
• Excellent written and verbal communication skills
• Experience securing large-scale customer-facing cloud infrastructures
• Significant development and automation experience; preference for Golang and Python

Responsibilities

• Develop processes, tooling and automation to scale incident management response and mitigate risks to the business
• Collaborate with other security functions, engineering, product, support, business operations to identify appropriate detection use cases and automation
• Apply a threat modelling centric approach to incident detection and response
• Maintain security logging platform
• Handle information security events and incidents across the ClickHouse products and services

Preferred Qualifications

• BS, MS, or PhD in Computer Science or related field
• Previous contributions to open source projects
• Security or cloud related certifications

Benefits

• Flexible work environment - ClickHouse is a globally distributed company and remote-friendly. We currently operate in 20 countries
• Healthcare - Employer contributions towards your healthcare
• Equity in the company - Every new team member who joins our company receives stock options
• Time off - Flexible time off in the US, generous entitlement in other countries
• A $500 Home office setup if you’re a remote employee
• Global Gatherings – We believe in the power of in-person connection and offer opportunities to engage with colleagues at company-wide offsites