Governance, Risk, and Compliance Engineer

Summary

Join ClickHouse's Governance, Risk, and Compliance team as a key player in defining and delivering comprehensive compliance programs. You will work across the company to implement and maintain processes supporting GRC initiatives, including SOC 2, ISO 27001, PCI, HIPAA, GDPR, FedRAMP, and more. This hands-on role requires extensive experience in IT audit, GRC, or information security, along with relevant certifications. You will collaborate with various teams, perform compliance monitoring tasks, and leverage your expertise to ensure ClickHouse's adherence to industry standards. The position offers a competitive salary, stock options, and a flexible remote-first work environment. ClickHouse is a fast-growing company, providing opportunities for professional growth and the chance to shape its culture.

Requirements

• 7+ years of experience in IT audit, GRC, and/or information security
• One or more of the following certifications CISA, PCIP, CIPP, or equivalent
• Extensive knowledge of security compliance frameworks, including interpretation and implementation
• Hands on experience using and managing GRC and security tools
• Demonstrated problem solving abilities; as shown through outsized accomplishments for the role held
• Understanding of compliance levers in cloud (AWS, GCP, Azure)
• Ability to learn quickly and adapt techniques supporting a startup environment
• Flexibility to pick up additional tasks where needed
• Must be a US Citizen (due to working with US government customers) and reside full time in the United States

Responsibilities

• Work across the company to define and deliver compliance programs, including SOC 2, ISO 27001, PCI, HIPAA, GDPR, FedRAMP, etc
• Work with engineering to validate compliance-relevant changes, including performing product testing and help draft documentation
• Perform compliance monitoring tasks, including employee security onboarding, performing vendor reviews, responding to customer surveys, and performing quarterly access reviews, ASV scans, and risk assessment refresh
• Coordinate with Operations to support access governance through Okta and Lumos onboarding and configuration
• Coordinate with Marketing and Privacy Legal to support the company’s privacy tooling
• Coordinate with Security to maintain corporate security tooling and processes

Preferred Qualifications

• Deep understanding of database technologies is a plus
• Hands on experience coding (scripting, software development) is a plus

Benefits

• Flexible work environment - ClickHouse is a distributed company offering remote-first work to all employees
• Healthcare - Employer contributions towards your healthcare
• Equity in the company - Every new team member who joins our company receives stock options
• Time off - Flexible time off in the US, generous entitlement in all countries
• A $500 Home office setup if you’re a remote employee
• Employee-driven international mobility - we enable you to relocate internationally if you wish (within certain countries and timelines and subject to role requirements, time zones and work permit considerations)