RemoteLeaf Logo
Log in Sign up

Product Security Engineer

4 hours, 58 minutes ago
United States, Canada
Full-time
Senior
Application Security Engineer
Cybersecurity
AWS Azure C++ GCP Kubernetes Penetration Testing
Apply Now
ClickHouse

ClickHouse

ClickHouse provides a fast open source column-oriented database management system that enables users to generate real-time analytical data reports through SQL queries, catering to the needs of industries requiring efficient data processing and analysis.

IT Services
51-250
Founded 2021
$300M raised
View All Jobs 163

Description

  • Collaborate with engineering and product teams to improve existing features and build new ones with secure design and implementation in mind.
  • Perform threat modeling, assurance activities, and security advisory work for distributed web, API, client, and server systems.
  • Identify security gaps and vulnerabilities in ClickHouse Cloud and OSS, including issues surfaced through bug bounty, responsible disclosure, and GitHub issues.
  • Triage vulnerabilities across web, API, and server-client assets, including low-level memory issues such as heap and buffer overflows.
  • Improve and develop security assurance activities such as pentests, vulnerability assessments, bug bounty programs, and fuzzing.
  • Drive adoption and usage of engineering security tools, including static and dynamic analysis, dependency checks, and code licensing compliance tools.
  • Nurture the engineering-security relationship and implement process and technology improvements.
  • Handle information security events and incidents across ClickHouse products and services.
  • Develop processes, tooling, and automation to scale security operations and reduce business risk.

Requirements

  • Experience supporting engineering and product teams through threat assessments, assurance activities, advisory work, and implementation across distributed systems.
  • Strong knowledge of at least one cloud service provider such as AWS, GCP, or Azure.
  • Experience with Kubernetes and Cilium.
  • Experience implementing and operating security tools and processes such as static/dynamic code analysis, software composition analysis, SBOM, OWASP SAMM, and fuzzing tools.
  • Significant development and automation experience.
  • Ability to work with C++ code.
  • Security-as-code mindset with a focus on automation and scale.
  • BS, MS, or PhD in Computer Science or a related field (preferred).
  • Previous contributions to open source projects (preferred).
  • Security or cloud-related certifications in AWS, GCP, or Azure (preferred).

Benefits

  • Fully remote work anywhere in Canada or the United States.
  • Flexible work environment with remote-friendly global distribution across more than 20 countries.
  • Employer contributions toward healthcare.
  • Equity in the company through stock options for new team members.
  • Flexible time off in the US and generous time off in other countries.
  • $500 home office setup stipend for remote employees.
  • Opportunities to connect through company-wide global offsites.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Wiz

Security Engineer - Product & Production Infrastructure

Wiz 251-1K IT Services

Wiz is hiring a Security Engineer for Product & Production Infrastructure to secure its cloud products, CI/CD, and production environments through security reviews, vulnerability management, and detection and response work.

Germany Full-time Senior Application Security Engineer Security Engineer
AWS Azure CI/CD GCP Go Helm Kubernetes Python Rust Terraform
4 hours, 58 minutes ago
Veracode

Senior Security Researcher

Veracode 251-1K Internet Software & Services

Veracode is hiring a Senior Security Researcher to lead Applied Research projects that improve its Static Application Security Testing platform while producing original security research for the broader community.

United States Full-time Senior Application Security Engineer
C C# C++ .NET Penetration Testing Prototyping
7 hours, 13 minutes ago
Abnormal AI

Senior Application Security Engineer

Abnormal AI Internet Software & Services

Abnormal AI is hiring a Senior Application Security Engineer to secure its AI-powered cybersecurity applications by embedding application security into development, architecture, and incident response across engineering teams.

United States Full-time Senior Application Security Engineer
$130k-$187k
Burp Suite CI/CD Encryption Git Go Java JavaScript Linux Microservices Python SonarQube TypeScript
7 hours, 28 minutes ago
Wiz

Security Engineer - Product & Production Infrastructure

Wiz 251-1K IT Services

Wiz is seeking a Security Engineer for Product & Production Infrastructure to secure its cloud-native products, CI/CD, and production environments while helping shape defensive practices across the company.

France Senior Application Security Engineer Security Engineer
AWS Azure CI/CD GCP Go Helm Kubernetes Python Rust Terraform
7 hours, 43 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers