Product Security Engineer Jobs

ClickHouse

Location:
Canada

Category:
IT - Software Development

Contract Type:
Not provided

Salary:

Not provided

Save Job

Apply Position

Job Description:

About the team: The Security Team is responsible for providing key security capabilities covering application, cloud and enterprise security, incident response, detection and GRC. Our team is looking for an experienced, hands-on security practitioner, who will drive the adoption of modern security processes and tooling, with focus on supporting our engineering and product teams in improving the security posture of our platforms and services.

Job Responsibility:

Collaborate with engineering and product on improving existing and building new product features with focus on threat modeling, assurance and secure implementation
Identify security gaps and vulnerabilities in ClickHouse Cloud and OSS, triage a wide range of vulnerabilities reported via our bug bounty program, responsible disclosure, GitHub Issues covering web, API and server - client assets including low level memory issues like heap or buffer overflows
Improve and develop security assurance activities - pentests, vulnerability assessments, bug bounty programs, fuzzing
Drive implementation and usage of engineering security tools - static, dynamic code analysis, dependency checks, code licensing compliance (working knowledge of Snyk, Semgrep, GitHub CodeQL)
Nurture the engineering - security relationship, identify and implement process and technology improvements
Handle information security events and incidents across ClickHouse products and services
Develop processes, tooling and automation to scale security processes and mitigate risks to the business

Requirements:

Experience supporting engineering and product implementation efforts by performing threat assessments, assurance activities, advisory as well as, in some cases, implementation work across distributed systems covering web, API, client/server assets
Strong knowledge of and experience with one or more cloud service providers (e.g. AWS, GCP, Azure), Kubernetes, Cilium
Experience implementing and operating engineering security tools and processes (e.g. static / dynamic code analysis, software composition analysis, SBOM, OWASP SAMM, client and network fuzzing tools)
Significant development and automation experience, ability to work with C++ code
Security as code mindset, with focus on solving problems with automation and scale in mind

Nice to have:

BS, MS, or PhD in Computer Science or related field
Previous contributions to open source projects
Security or cloud related certifications (AWS, GCP, Azure)

What we offer:

Flexible work environment
Healthcare - Employer contributions towards your healthcare
Equity in the company - Every new team member who joins our company receives stock options
Time off - Flexible time off in the US, generous entitlement in other countries
A $500 Home office setup if you’re a remote employee
Global Gatherings – We believe in the power of in-person connection and offer opportunities to engage with colleagues at company-wide offsites

Additional Information:

Job Posted:
December 07, 2025

Work Type:

Remote work

View All Jobs In This Company

Job Link Share:

Product Security Engineer